hypothesis-generation
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes internal Python scripts (scripts/generate_schematic_ai.py) using subprocess.run to handle diagram generation. The execution uses a list-based argument structure and avoids shell invocation, minimizing risk.
- [DATA_EXFILTRATION]: The skill facilitates the transmission of diagram descriptions to the OpenRouter API for image generation. This represents an external data flow to a well-known AI service as part of the skill's primary functional purpose. API keys are handled securely through environment variables and .env file loading.
- [PROMPT_INJECTION]: The workflow involves processing external data from scientific literature via tools like WebFetch and WebSearch. This creates a potential surface for indirect prompt injection from untrusted external content. The skill mitigates this by providing structured instructions and professional LaTeX templates to ground the agent's output.