replicate-study
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill generates Python and R analysis scripts and executes the R components via a Bash subprocess during the code generation phase. This is an intended function for performing complex survey-weighted statistical analyses.
- [PROMPT_INJECTION]: The skill processes external research papers to extract methodology parameters, creating an indirect prompt injection surface. (1) Ingestion point: Phase 1 reads source papers (PDF/markdown). (2) Boundary markers: The methodology_extraction_template.md is used to structure and limit the scope of extracted data. (3) Capability inventory: The agent uses Bash, Write, and R execution via subprocess. (4) Sanitization: While explicit sanitization of paper text is not detailed, the process is constrained by medical research templates and variable mapping rules.
- [SAFE]: The skill uses local reference files (CSV) and templates for variable harmonization. No network exfiltration, hardcoded credentials, or obfuscated content were identified in the skill files or instructions.
Audit Metadata