Code to Paper
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE] (SAFE): This skill is composed solely of markdown documentation and workflow definitions. It does not include any Python scripts, JavaScript files, or shell commands that could be executed on the host system.
- [PROMPT_INJECTION] (LOW): The skill presents an Indirect Prompt Injection surface as it is designed to ingest and interpret external code and comments (e.g., Pattern 1: Dataset Description). (1) Ingestion points: External GitHub repositories and local directories via the
/article-writer:add-codecommand. (2) Boundary markers: There are no explicit instructions to the agent to disregard embedded commands or use delimiters when processing this data. (3) Capability inventory: The skill coordinates other tools that can write to the filesystem and perform network operations. (4) Sanitization: No sanitization of external code content is described in the workflow.
Audit Metadata