overfull-hbox
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No evidence of instructions attempting to bypass safety filters, override system prompts, or assume restricted roles.
- Data Exposure & Exfiltration (SAFE): No access to sensitive file paths, hardcoded credentials, or network operations identified.
- Obfuscation (SAFE): Content is clear markdown with no Base64, zero-width characters, or encoded strings.
- Unverifiable Dependencies (SAFE): The skill does not reference or install any external packages or scripts.
- Privilege Escalation (SAFE): No commands for administrative access or permission modifications (e.g., sudo, chmod) were found.
- Persistence Mechanisms (SAFE): No attempts to modify startup scripts, cron jobs, or registry keys.
- Metadata Poisoning (SAFE): Metadata accurately reflects the skill's purpose and contains no hidden instructions.
- Indirect Prompt Injection (LOW): The skill processes external LaTeX log files and synonym lists. While it lacks explicit boundary markers for this data, it is purely instructional and lacks capabilities (like network or shell access) that would make this a high-risk surface.
- Time-Delayed / Conditional Attacks (SAFE): No logic gating behavior behind dates, times, or specific environment triggers.
- Dynamic Execution (SAFE): The skill does not generate, compile, or execute code at runtime.
Audit Metadata