peer-review
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute Python scripts via the Bash tool to generate schematics and process PDF slides (e.g., scripts/generate_schematic.py and skills/scientific-slides/scripts/pdf_to_images.py). These scripts are not included in the provided skill bundle and are executed as unverified local dependencies.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted manuscripts and slide images while holding Bash and file-edit permissions.
  - Ingestion points: Reading external manuscript text and presentation slide images for review.
  - Boundary markers: Absent; the instructions do not establish clear delimiters or directives to treat ingested content strictly as data.
  - Capability inventory: The agent is granted Bash, Read, Write, and Edit permissions.
  - Sanitization: No validation or sanitization of the external manuscript content is described.
Audit Metadata