talk-dig
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Overall Security] (SAFE): No malicious patterns, obfuscation, or data exfiltration vectors were identified in the provided files.
- [Prompt Injection] (SAFE): The skill uses natural instructional language. There are no attempts to override system prompts or bypass safety filters.
- [Data Exposure] (SAFE): The skill operates on public academic data (posters, papers). It does not request access to sensitive local files or hardcode any credentials.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external data (web search results and poster text). While this is a known attack surface (Category 8), the risk is low as the skill's primary function is summarizing text for user review, and it lacks dangerous capabilities like system command execution that could be exploited via injection.
  - Ingestion points: Poster images and web search results (SKILL.md).
  - Boundary markers: None explicitly defined in the prompt instructions.
  - Capability inventory: No subprocess or system execution tools are defined; it only performs analysis and report generation.
  - Sanitization: Standard LLM processing is used; no manual sanitization logic is present.