meta-manuscript-assembly

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill processes external manuscripts (manuscript_sections.md) and data (extraction.csv) without sanitization or boundary markers.
      * Ingestion Points: User-provided Markdown and CSV files.
      * Boundary Markers: None.
      * Capability Inventory: Local file system writes, shell command (grep) execution, and Python script execution.
      * Sanitization: Absent.
  • Command Execution (LOW): The skill generates and executes a Python script (assemble_figures.py) and shell commands. While the provided logic is benign, script generation at runtime represents an expanded attack surface.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 06:28 AM