proofread

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute a local CLI tool named cli_council using uv run (SKILL.md). This tool is used as part of the optional 'Council Mode' to orchestrate multiple LLM queries for high-stakes document reviews. The command operates on a module located within the project's own directory structure.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to read and process content from external LaTeX source files, log files, and bibliography files (SKILL.md). Malicious instructions embedded in these academic documents could theoretically attempt to influence the agent's behavior during the proofreading task.
    • Ingestion points: The agent reads .tex, .log, and .bib files provided in the project path.
    • Boundary markers: No specific delimiters or 'ignore embedded instructions' markers are mentioned in the workflow for handling the document content.
    • Capability inventory: Across its scripts and instructions, the skill uses the Read, Glob, and Grep tools and invokes the cli_council CLI tool.
    • Sanitization: There is no mention of sanitization or validation logic applied to the content of the LaTeX files before they are parsed for proofreading.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 01:11 PM