scientific-email-polishing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override AI behavior or bypass safety filters. The content is strictly limited to email writing guidelines.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network transmission patterns detected.
- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs identified. All files use plain text or standard JSON.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No package managers (pip, npm) or remote script execution commands (curl|bash) are used.
- [Indirect Prompt Injection] (LOW): While the skill processes user-generated email drafts, which is a standard attack surface for indirect injection, the resource files themselves contain no malicious payload. Evidence: 1. Ingestion: Processes user email drafts. 2. Boundary: No specific boundary markers found in resource files. 3. Capability: No subprocess or network capabilities found. 4. Sanitization: Not present in these data files.
Audit Metadata