vector-spaces
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill is focused on mathematical problem-solving and does not contain any suspicious patterns such as data exfiltration, obfuscation, or persistence.
- [COMMAND_EXECUTION]: The skill defines templates for using the Bash tool to execute Python scripts. It utilizes the uv package manager to run computations in a controlled environment.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by passing user-supplied matrix data to shell commands. Evidence: 1. Ingestion points: matrix strings in SKILL.md. 2. Boundary markers: absent in markdown templates. 3. Capability inventory: Bash and Read tools. 4. Sanitization: not defined within the skill documentation.
- [NO_CODE]: The core computational logic resides in external scripts (scripts/sympy_compute.py, scripts/z3_solve.py) which are not provided in the input.
Audit Metadata