paper-writing-section
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests data from local paper files, creating a surface for indirect prompt injection where instructions in those files could influence agent behavior.
- Ingestion points: Workflow Step 1 in SKILL.md reads .tex files, experiment logs, and result files.
- Boundary markers: Absent; there are no instructions to delimit or ignore embedded commands within the processed files.
- Capability inventory: Reading local file contents and generating substantial LaTeX fragments.
- Sanitization: Absent; the skill lacks validation or escaping mechanisms for the ingested text.
- [No Code] (SAFE): The skill contains no executable scripts, binaries, or system-level commands, consisting solely of instructional Markdown and prompt templates.
Audit Metadata