kill-argument

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted paper content (LaTeX, BibTeX, PDF) and interpolates it into prompts for simulation threads, creating a surface for indirect prompt injection.
      (1) Ingestion points: Paper directory source files (.tex, .bib), and compiled PDF.
      (2) Boundary markers: The simulation prompts use markdown headers (## Files to read, ## Paper files) and blockquotes (>) to separate instructions from paper data.
      (3) Capability inventory: The skill uses Bash(*), Read, Write, Edit, Grep, Glob, and mcp__codex__codex.
      (4) Sanitization: No explicit sanitization or filtering of paper source code is performed before prompt interpolation.
  • [COMMAND_EXECUTION]: The skill uses standard shell utilities (bash, grep, find, ls) to discover and inventory the target paper's source files based on a user-provided directory argument.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 02:00 PM