screening-manager

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external research paper files and protocol documents.
      • Ingestion points: output/PROTOCOL.md, papers/papers_raw.jsonl, papers/papers_dedup.jsonl, and papers/core_set.csv in the local workspace.
      • Boundary markers: The workflow does not explicitly define delimiters or instructions to ignore embedded prompts in candidate data.
      • Capability inventory: Operations are restricted to reading local files and writing to papers/screening_log.csv. No network or subprocess capabilities are present.
      • Sanitization: No specific sanitization or validation of input file content is mentioned.
      • Assessment: While an attacker could embed instructions in a paper title or abstract to influence the screening decision, the risk is low as the agent's capabilities are limited to producing a CSV file.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 09:17 AM