skills/jimmc414/kosmos/peer-review/Gen Agent Trust Hub

peer-review

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of internal Python scripts (e.g., scripts/generate_schematic.py and skills/scientific-slides/scripts/pdf_to_images.py) to support its visualization and slide-review workflows.
  • [PROMPT_INJECTION]: High-priority instructions (labeled 'CRITICAL' and 'MANDATORY') are used to ensure the agent follows specific workflows, such as image-based inspection of PDFs to avoid technical processing errors.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and analyze untrusted external data (scientific manuscripts and slide decks). Evidence chain:
    1. Ingestion points include user-provided PDFs and manuscripts;
    2. No explicit boundary markers or 'ignore' instructions are defined for this content;
    3. Capability inventory includes local Python script execution via subprocess;
    4. No sanitization of the input content is specified before the agent processes the data.
  • [EXTERNAL_DOWNLOADS]: Includes a reference to a vendor-related external website (www.k-dense.ai) which is presented as an optional productivity platform.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 01:30 AM