camera-ready-finalizer
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted external data, such as peer reviews, meta-reviews, and acceptance emails, which could contain adversarial instructions intended to exploit the agent's capabilities.
  - Ingestion points: SKILL.md (Step 1: Recover Acceptance Context) and references/rebuttal-promise-audit.md instruct the agent to read and analyze reviewer comments and author response discussion.
  - Boundary markers: The instructions do not define delimiters or provide specific prompts to the agent to disregard instructions found within the ingested reviewer or email text.
  - Capability inventory: The skill allows access to powerful tools including Bash, Write, Edit, WebFetch, and WebSearch as specified in the SKILL.md frontmatter.
  - Sanitization: No sanitization, validation, or filtering of the external review content is performed before the agent processes the data to build the 'promise ledger'.
Audit Metadata