material-ingest
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for information extraction and local storage. It does not utilize network operations or execute external code.
- [DATA_EXPOSURE]: Access is restricted to a specific local directory (
./writing-workspace/materials/) for managing research materials. No access to sensitive system paths or credentials was detected. - [COMMAND_EXECUTION]: The skill does not invoke shell commands or system-level processes.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external text provided by users. While this presents an ingestion surface for untrusted data, the skill's capabilities are limited to structured data extraction and file writing within a restricted workspace. The instructions specifically require proper JSON escaping to prevent data corruption or injection during the writing process.
- Ingestion points: User-provided articles or text inputs.
- Boundary markers: Not explicitly defined in the prompt template, but processing is scoped to extraction.
- Capability inventory: File read/write and directory creation within
./writing-workspace/materials/. - Sanitization: Explicit instructions are included to escape special characters like double quotes and backslashes during JSON serialization.
Audit Metadata