case-study-writing

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes the belt CLI tool to perform user authentication (belt login) and execute specialized modular applications for research and data processing.
  • [EXTERNAL_DOWNLOADS]: References external documentation and installation resources for the CLI tool located on the vendor's official GitHub repository.
  • [REMOTE_CODE_EXECUTION]: Executes Python code at runtime through the infsh/python-executor application to generate charts and visualizations from data templates.
  • [DATA_EXFILTRATION]: Performs network requests to external search services (Tavily, Exa) to retrieve industry benchmarks and statistical data for case study content.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external search results, which creates a potential surface for indirect prompt injection.
      • Ingestion points: Data enters the agent's context through belt app run tavily/search-assistant and belt app run exa/search as seen in SKILL.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when handling external tool outputs.
      • Capability inventory: The skill has access to shell execution and Python code execution via the belt CLI suite (SKILL.md).
      • Sanitization: No validation or filtering mechanisms are described for the content retrieved from external APIs.
Audit Metadata
  Risk Level: SAFE
  Analyzed: May 13, 2026, 01:11 PM