scholar-evaluation

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it is designed to ingest and process untrusted external data such as scholarly papers, research proposals, and literature reviews.
  • Ingestion points: Untrusted data enters the agent's context when it reads scholarly work for evaluation, as described in the Evaluation Workflow in SKILL.md.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings to separate the untrusted document content from the agent's evaluation instructions.
  • Capability inventory: The skill has the capability to execute a local Python script (scripts/calculate_scores.py) and write evaluation reports and scientific schematics to the file system (e.g., figures/ directory and report.txt).
  • Sanitization: There is no evidence of sanitization or validation of the external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 10:28 PM