scientific-paper
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to read and edit existing .tex files, which creates a vulnerability surface for instructions embedded in external documents. 1. Ingestion points: existing .tex files (SKILL.md). 2. Boundary markers: absent (the agent is instructed to read the entire file without explicit delimiter requirements). 3. Capability inventory: file-writing of .tex and .bib files and suggesting shell-based compilation commands. 4. Sanitization: absent.
- [Remote Code Execution] (SAFE): No remote code downloads or execution patterns (e.g., curl | bash) were detected. Compilation commands such as pdflatex and biber are standard for the skill's domain.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, access to sensitive environment files, or unauthorized network operations were found.
- [Obfuscation] (SAFE): No evidence of Base64, zero-width characters, or other encoding techniques intended to hide malicious logic.
Audit Metadata