idea-shortlist-curator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [SAFE]: The skill is designed to process local text-based research files (CSV, JSONL, MD). It does not contain instructions for network communication or accessing sensitive system directories like credentials or SSH keys.
- [NO_CODE]: There are no executable scripts, shell commands, or third-party code dependencies included in this skill. It relies entirely on the language model's reasoning capabilities to perform the curation task.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests data from research notes, though the risk is assessed as safe due to the skill's restricted capabilities.
  - Ingestion points: papers/paper_notes.jsonl, papers/core_set.csv, and output/IDEA_BRIEF.md.
  - Boundary markers: Absent; there are no explicit instructions to the agent to treat data from these files as untrusted content or use delimiters.
  - Capability inventory: The agent's capabilities are restricted to writing to local markdown files (output/IDEA_SHORTLIST.md and DECISIONS.md).
  - Sanitization: No sanitization or validation of the input data is specified in the curation procedure.
Audit Metadata