hypogenic
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The configuration defines prompt templates that interpolate untrusted data from JSON files and PDF documents. This represents a surface for indirect prompt injection.
  - Ingestion points: data/train.json, data/val.json, data/test.json, and files in the papers/ directory.
  - Boundary markers: None. Data is directly inserted into templates using placeholders like {data_samples} and {sample_text} without delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill uses LLMs for hypothesis generation, inference (classification), and adaptive refinement.
  - Sanitization: No sanitization or escaping logic is present in the configuration templates to handle potentially malicious content within the dataset or literature.
- Credentials (SAFE): API keys are referenced via environment variables (OPENAI_API_KEY) rather than being hardcoded.
Audit Metadata