Skills
skills/willoscar/research-units-pipeline-skills/subsection-polisher/Gen Agent Trust Hub

subsection-polisher

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes content from several external data files which could contain malicious instructions.
  • Ingestion points: Target files sections/S*.md and context files outline/writer_context_packs.jsonl, outline/subsection_briefs.jsonl, and outline/evidence_drafts.jsonl.
  • Boundary markers: Absent; there are no specific markers or warnings to the AI to ignore instructions embedded in the ingested text.
  • Capability inventory: The skill is limited to reading and writing local Markdown files; it has no identified network or command execution capabilities.
  • Sanitization: No sanitization or validation of the input data is performed before processing.
  • Data Exposure & Exfiltration (SAFE): Although the skill accesses local project files, it explicitly states 'Network: none' and contains no commands (e.g., curl, wget) for data transmission.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): No remote script downloads or third-party package installations were detected.
  • Persistence & Privilege Escalation (SAFE): There are no attempts to modify system configuration, startup scripts, or elevate user privileges.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:50 PM