research-grants
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to utilize the `Bash` tool to execute internal Python scripts such as `generate_schematic.py`, `compliance_checker.py`, `budget_calculator.py`, and `deadline_tracker.py`. These scripts are intended for task-specific functions like figure generation and budget calculations. The use of these scripts is a standard feature for this vendor's productivity ecosystem.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) related to its schematic generation feature. User-provided descriptions are passed as command-line arguments to a shell script, which could be exploited if the input is not correctly handled by the agent or the script.
  - Ingestion points: User natural language descriptions for diagrams in the `SKILL.md` and `references/README.md` files.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are present in the provided command templates.
  - Capability inventory: The skill allows the use of the `Bash` tool to run Python scripts with user-supplied arguments.
  - Sanitization: No sanitization or escaping logic is visible in the markdown instructions for handling user input before shell execution.
- [EXTERNAL_DOWNLOADS]: The documentation references official government domains (e.g., nsf.gov, nih.gov, energy.gov, darpa.mil) and community-maintained LaTeX templates on GitHub. These are recognized as legitimate informational resources and do not involve the dynamic loading or execution of remote code by the skill itself.
Audit Metadata