rsvp-reading
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute local Python scripts scripts/parse_document.py and scripts/orp_engine.py to process document content. This is the primary intended behavior for generating the RSVP token stream.
- [EXTERNAL_DOWNLOADS]: The skill declares dependencies on docx and pdfminer libraries in the YAML frontmatter. These are standard, well-known packages for processing Office and PDF file formats.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it parses untrusted document data into a stream that may be previewed by the agent.
  1. Ingestion points: scripts/parse_document.py reads external files.
  2. Boundary markers: Absent.
  3. Capability inventory: Bash, Read, and Write tools are available to the skill.
  4. Sanitization: Absent, as the tool tokenizes raw text for reading purposes.