scholar-evaluation
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted scholarly work (papers, proposals, etc.) provided by users. Maliciously crafted content within these documents could attempt to influence the agent's behavior or override its evaluation criteria.
  - Ingestion points: Scholarly documents and text provided for evaluation as described in SKILL.md.
  - Boundary markers: Absent; the instructions do not implement specific delimiters or warnings to the agent to ignore instructions embedded within the processed text.
  - Capability inventory: The skill can perform network requests to external APIs via scripts/generate_schematic_ai.py and write files to the local filesystem using scripts/calculate_scores.py and scripts/generate_schematic.py.
  - Sanitization: No sanitization or filtering of the input text is performed before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The script scripts/generate_schematic_ai.py initiates network connections to openrouter.ai to facilitate AI-powered diagram generation and quality review. This is a well-known service used here for the skill's stated purpose and is handled neutrally per established guidelines.
- [COMMAND_EXECUTION]: The scripts/generate_schematic.py wrapper script utilizes subprocess.run to execute the internal scripts/generate_schematic_ai.py script. The execution is handled by passing arguments as a list, which prevents standard shell injection risks.
Audit Metadata