Skills
skills/inference-sh/skills/case-study-writing/Gen Agent Trust Hub

case-study-writing

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes bash commands using the infsh CLI to initiate research tasks and generate data visualizations via a Python executor. These operations are part of the intended vendor functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external sources. * Ingestion points: Untrusted data enters the agent context via the output of the tavily/search-assistant and exa/search tools (referenced in SKILL.md). * Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the retrieved search results. * Capability inventory: The agent has the ability to execute Python scripts and bash commands through the infsh CLI (SKILL.md). * Sanitization: There is no evidence of filtering or validation of the external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 08:37 AM