setup-assistant
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it is designed to ingest and process external patent documentation (MPEP PDFs and USPTO filing references).
- Ingestion points: Processes external MPEP PDF files and USPTO filing reference documents (SKILL.md, filing-reference.md).
- Boundary markers: There are no explicit instructions or delimiters used to isolate processed documentation from the agent's instructions.
- Capability inventory: The skill executes shell commands for setup, configuration, and testing, including 'python', 'pip', 'gcloud', and 'claude mcp' (SKILL.md).
- Sanitization: No sanitization or validation of the external patent data is described.
- [COMMAND_EXECUTION]: The skill involves the execution of multiple shell commands to set up the local environment and register tools.
- Evidence: Commands such as 'python install.py', 'python -m venv venv', and 'claude mcp add' are provided in SKILL.md.
- Dynamic Context: Documentation mentions the '!' dynamic execution syntax for Google Cloud authentication ('! gcloud auth application-default login') in SKILL.md.
- [EXTERNAL_DOWNLOADS]: The skill installs external libraries from the official PyTorch registry during setup.
- Evidence: 'pip install torch torchvision --index-url https://download.pytorch.org/whl/cu128' in SKILL.md.
Audit Metadata