scholar-evaluation
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and analyze untrusted external data (scholarly papers, research proposals, and abstracts) as described in SKILL.md (Step 1 & 2).
  - Ingestion points: Research papers, literature reviews, and abstracts provided by the user for evaluation.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the evaluation workflow.
  - Capability inventory: The skill includes file-writing capabilities through scripts/calculate_scores.py (via the --output flag) and references a script scripts/generate_schematic.py for image generation.
  - Sanitization: There is no evidence of sanitization or filtering applied to the ingested scholarly content before processing.
- [COMMAND_EXECUTION]: The skill instructions in SKILL.md direct the agent to execute local Python scripts (scripts/calculate_scores.py and scripts/generate_schematic.py). While calculate_scores.py is provided and found to be safe, scripts/generate_schematic.py is referenced for execution (e.g., python scripts/generate_schematic.py "your diagram description" -o figures/output.png) but is missing from the skill package files, rendering its behavior unverifiable.
Audit Metadata