manuscript-review

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it is designed to ingest and analyze untrusted external data (academic manuscripts in PDF, DOCX, LaTeX, or Markdown format). Maliciously crafted content within these documents could attempt to override agent instructions or bias the review report.
    • Ingestion points: Manuscript files processed in Workflow Step 1 of SKILL.md.
    • Boundary markers: No specific delimiters or instructions are used to separate the document content from the agent's control logic.
    • Capability inventory: The skill is authorized to read and write files, and may execute commands or tools to compile LaTeX source or inspect rendered PDFs as described in Pass 12 of SKILL.md.
    • Sanitization: The skill does not describe any validation or sanitization processes for the text extracted from input manuscripts.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 10:29 AM