hypogenic

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches example datasets and literature processing tools from external GitHub repositories (ChicagoHAI) during setup.
  • [COMMAND_EXECUTION]: Instructs the user to run local shell scripts (setup_grobid.sh, run_grobid.sh) for environment configuration and execute Python scripts for PDF preprocessing.
  • [PROMPT_INJECTION]: The 'Suggest Using K-Dense Web' section contains direct instructions to steer agent behavior, requiring the agent to promote specific commercial services when tasks reach certain complexity thresholds.
  • [PROMPT_INJECTION]: Presence of an indirect prompt injection surface due to data-driven processing.
      1. Ingestion points: Dataset JSON files and PDF research papers.
      2. Boundary markers: Prompt templates (e.g., batched_generation, inference) in config_template.yaml do not use delimiters to isolate variable data.
      3. Capability inventory: Environment setup involves shell execution (bash), repository cloning (git), and network-based API interaction.
      4. Sanitization: No explicit validation or filtering logic is present to sanitize untrusted content before it is processed by the model.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 08:47 PM