four-knowns
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install an external library using 'pip3 install fpdf2'.
- [COMMAND_EXECUTION]: The instructions direct the agent to use system commands like 'open' (macOS) or 'xdg-open' (Linux) to display generated reports to the user.
- [REMOTE_CODE_EXECUTION]: The skill guides the agent to generate and execute local Python scripts to handle PDF conversion logic.
- [PROMPT_INJECTION]: The skill processes potentially untrusted external research data, forming an indirect prompt injection surface.
  - Ingestion points: Processes technical papers, competitor profiles, and industry trends (SKILL.md).
  - Boundary markers: Absent; the skill does not define specific delimiters to separate ingested data from agent instructions.
  - Capability inventory: File writing, package installation (pip3), script execution (Python), and shell command execution (open/xdg-open) in SKILL.md.
  - Sanitization: None; the skill does not specify any filtering or validation for the content it researches.
Audit Metadata