evidence-draft
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions provide clear role-based guidance for data processing. No bypass markers or 'ignore previous instructions' patterns were found.
- [Data Exposure & Exfiltration] (SAFE): The skill is restricted to project-specific paths (papers/, outline/, citations/). The description explicitly states no network access is used. No hardcoded credentials or sensitive system paths were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references a local Python script (.codex/skills/evidence-draft/scripts/run.py) for processing. No remote scripts (e.g., via curl/wget) are downloaded or executed.
- [Obfuscation] (SAFE): No encoded strings (Base64), zero-width characters, or homoglyphs were identified in the skill definition.
- [Indirect Prompt Injection] (SAFE): While the skill ingests external data (paper_notes.jsonl), the strict 'NO PROSE' requirement and structured JSONL output format serve as inherent mitigations against instructions embedded in research content.
Audit Metadata