wiki
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions specify the use of local command-line utilities such as `pdftotext` for PDF-to-text conversion and `grep` or `ripgrep` for searching stored markdown files.
- [EXTERNAL_DOWNLOADS]: The skill performs external network operations using `WebFetch` to retrieve web page content and downloads associated image assets to the local repository.
- [PROMPT_INJECTION]: By ingesting data from external URLs and PDF files, the skill presents an indirect prompt injection surface.
  - Ingestion points: External data enters the context via `WebFetch` and PDF extraction as described in `SKILL.md`.
  - Boundary markers: The skill uses YAML frontmatter headers and predefined markdown templates to separate metadata from body content.
  - Capability inventory: The skill combines filesystem write access, network retrieval, and local command execution capabilities.
  - Sanitization: External inputs used in filenames are sanitized via slugification, and content is normalized to markdown before processing.
Audit Metadata