atomic-decomposition
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process data from external, untrusted sources such as academic papers and GitHub repositories during the research decomposition phase.
- Ingestion points: User-provided research ideas (
{idea_description}), searched paper content (LaTeX), and external code repository snippets. - Boundary markers: Absent. The prompts do not include instructions to treat external data as untrusted or use specific delimiters to separate data from instructions.
- Capability inventory: The skill itself does not possess command execution or file-write capabilities; however, it encourages the extraction of code that might be executed by the user or other tools in the agent's environment.
- Sanitization: No sanitization or verification logic is present to handle malicious instructions hidden in external research materials.
- No Code (SAFE): The provided files consist entirely of Markdown documentation and JSON templates. No shell scripts, Python files, or other executable modules are included in the skill definition.
Audit Metadata