hypothesis-generation

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill workflow involves fetching data from external scientific databases and the general web (Step 2 and Step 3). There are no instructions to sanitize this content or use boundary markers, which exposes the agent to indirect prompt injection if malicious instructions are present in the sourced materials.
  • [COMMAND_EXECUTION]: The skill requires the use of the Bash tool to execute a Python script (scripts/generate_schematic.py) and LaTeX compilation commands (xelatex, bibtex). This interaction with the system shell presents a potential risk if the inputs to these commands, such as diagram descriptions or document content derived from web searches, are not properly sanitized before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 04:32 AM