zh-project-proposal-writing
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-uploaded documents (e.g., funding guides, project materials) to construct "constraints matrices" and "fact ledgers." This represents a standard indirect prompt injection surface. However, the skill provides clear instructions to prioritize official sources and to mark missing or unverified facts, mitigating the risk of misleading generated content.
  - Ingestion points: User-provided materials (guides, templates, previous proposals) as mentioned in `SKILL.md` and `deliverable_proposal_workflow.md`.
  - Boundary markers: The skill does not define specific delimiter-based markers for user data, relying instead on logic to "prioritize official constraints."
  - Capability inventory: File system writing (generating `.docx` files) and network access for official source verification.
  - Sanitization: Instructions emphasize verification against official sources and labeling unverified data as "to be supplemented."
- [COMMAND_EXECUTION]: The skill is designed to produce Word documents (`.docx`). This functionality relies on standard file-writing capabilities and is handled through legitimate workflow instructions rather than suspicious shell scripts or arbitrary command execution.
Audit Metadata