draft-polisher

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Dynamic Execution] (LOW): The script modifies sys.path to dynamically import local modules (tooling.common, tooling.quality_gate) from a path calculated relative to the script's location. This is standard behavior for repository-internal tooling but constitutes dynamic loading from computed paths.
  • [Indirect Prompt Injection] (LOW): The script processes untrusted Markdown content, which could theoretically contain injection attempts, though the script primarily uses regex for citation extraction.
    • Ingestion points: Reads DRAFT.md and MERGE_REPORT.md from the path provided in --workspace.
    • Boundary markers: None detected.
    • Capability inventory: File system write access (atomic_write_text) used to generate citation_anchors.prepolish.jsonl.
    • Sanitization: No sanitization or escaping is performed on the draft content before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:41 PM