strategic-reading

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's documentation describes a process that utilizes pdftotext -layout for document processing. This is a standard utility for text extraction within the agent's operating environment.
  • [EXTERNAL_DOWNLOADS]: The skill uses web_fetch to retrieve external article content, which is a core function for analyzing web-based sources.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8).
  • Ingestion points: The skill ingests data from external source texts including EPUBs, PDFs, and web articles during Phase 1.
  • Boundary markers: The skill instructions do not define specific delimiters or instructions to ignore embedded prompts within the source documents.
  • Capability inventory: The skill is capable of writing files to the local filesystem within the concepts/ and projects/ directories via the put_page tool.
  • Sanitization: There is no mention of content sanitization or validation of the source text before it is synthesized and written to the brain pages.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 03:35 PM
Security Audit — agent-trust-hub — strategic-reading