grant-application-setup

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-supplied markdown and Quarto files, creating an attack surface for indirect prompt injection.
      • Ingestion points: Reads files from submission/document.qmd.
      • Boundary markers: No delimiters or isolation instructions are present in the provided templates.
      • Capability inventory: Utilizes standard shell commands (cat, sed, wc) to manipulate document text.
      • Sanitization: No input sanitization is performed on the content of the grant documents.
  • [COMMAND_EXECUTION]: The skill provides shell snippets for automated text processing.
      • Evidence: Templates include bash pipes using sed for pattern matching and wc for word count calculation, as well as rm for temporary file cleanup.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 07:16 AM