nsfc-writer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety guidelines, or extract system prompts were found. The instructions are strictly task-oriented and professional.
- [DATA_EXFILTRATION]: The skill does not access sensitive local file paths (such as .ssh or .aws/config) or hardcode any credentials. It utilizes literature search tools (PubMed, Academic Search) to fetch public research data, which is consistent with its stated purpose.
- [REMOTE_CODE_EXECUTION]: The skill mentions using MCP (Model Context Protocol) tools for PubMed and Academic Search, which are well-known and trusted services. There are no instructions to download and execute external scripts or install unverified packages.
- [OBFUSCATION]: The content is clear and uses standard Markdown formatting. No hidden content, Base64 encoding of commands, zero-width characters, or homoglyphs were detected.
- [COMMAND_EXECUTION]: There are no instances of subprocess spawning, shell command execution, or dangerous system-level operations.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests untrusted user data (research drafts and topics), it does so within the context of a writing assistant. It lacks the high-privilege capabilities (like file system writes or unauthorized network requests) that would make this surface critical.
Audit Metadata