reference-generator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill analyzes untrusted content from local textbook files to determine the grade level and research topics, which subsequently influences tool parameters for WebSearch and file modifications.
      1. Ingestion points: /docs/course-description.md and chapter markdown files.
      2. Boundary markers: Absent.
      3. Capability inventory: find (command), file-write, WebSearch, WebFetch.
      4. Sanitization: Absent.
  • Command Execution (LOW): The skill uses the 'find' shell command to locate chapter files within the project directory for reference placement. This is a standard discovery method but constitutes a low-risk command execution surface.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:43 PM