Skills
skills/willoscar/research-units-pipeline-skills/idea-memo-writer/Gen Agent Trust Hub

idea-memo-writer

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [DYNAMIC_EXECUTION]: The script scripts/run.py dynamically calculates the repository root by traversing parent directories for an AGENTS.md file and appends this path to sys.path to import local tooling modules.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input from files such as IDEA_SHORTLIST.jsonl and GOAL.md to populate report content. While this creates a potential surface for indirect injection if downstream agents read the generated reports, the skill itself does not execute or interpret the data as instructions.
  • [COMMAND_EXECUTION]: The skill performs legitimate file system operations, including reading CSV/JSONL files and writing generated Markdown and JSON payloads to the specified workspace directory.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 01:59 PM