hypogenic

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the hypogenic library from PyPI and clones datasets from the ChicagoHAI GitHub organization, which is an established research entity.
  • [COMMAND_EXECUTION]: Executes CLI commands for environment setup (e.g., uv pip install) and task execution, including PDF preprocessing and hypothesis testing scripts (e.g., bash ./modules/run_grobid.sh).
  • [PROMPT_INJECTION]: Vulnerable to Indirect Prompt Injection (Category 8) due to the processing of external data content.
      • Ingestion points: Dataset JSON files and research paper PDFs specified in the task configuration (SKILL.md).
      • Boundary markers: Absent; prompt templates in references/config_template.yaml directly interpolate data using placeholders like {sample_text} without protective delimiters.
      • Capability inventory: The skill can read/write files and execute shell-based research tools and network API calls to LLM providers (SKILL.md).
      • Sanitization: No explicit validation or filtering of input data content is documented before interpolation into prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 10:28 PM