paper-visualizer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, NO_CODE

Full Analysis
  • [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted PDF content (SKILL.md) to generate prompts. Evidence:
      1. Ingestion points: User-uploaded PDF methodology sections (SKILL.md).
      2. Boundary markers: No delimiters or ignore instructions for the input text are defined.
      3. Capability inventory: The skill is limited to text-to-text generation; no subprocess calls, network requests, or file-write operations were found.
      4. Sanitization: No input validation or escaping mechanisms are specified.
    The risk is minimized by the agent's lack of executable capabilities.
  • [No Code] (SAFE): No scripts, packages, or binaries are included with the skill. It relies entirely on instruction-following for prompt construction.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:37 PM