sn-research-report

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a shell command python3 <sn-image-base>/scripts/sn_agent_runner.py sn-image-generate to generate images. This is a functional requirement for its 'AI image' feature and targets a vendor-prefixed dependency (sn-image-base).
  • [EXTERNAL_DOWNLOADS]: The skill defines functional dependencies on other skills (sn-deep-research and sn-image-base). It expects these skills to be present in the environment to function correctly.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from multiple sources (research notes, sub-reports, and user-provided drafts) and uses this content to formulate reports and image generation prompts.
      • Ingestion points: Reads files such as synthesis.md, sub_reports/*.md, and user-supplied text snippets.
      • Boundary markers: The instructions do not define explicit delimiters or 'ignore' instructions for the content being processed.
      • Capability inventory: The skill has the capability to write files (report.md, visual_plan.md) and execute shell commands (python3 via sn-image-base).
      • Sanitization: There is no mention of sanitizing or escaping the content retrieved from research materials before it is interpolated into subsequent prompts or command arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 09:38 AM