case-study-writing

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data from external search tools. \n
  • Ingestion points: Content is retrieved from tavily/search-assistant, exa/search, and exa/answer in SKILL.md. \n
  • Boundary markers: No delimiters or instructions are used to separate external content or warn the agent about embedded commands. \n
  • Capability inventory: The skill utilizes Bash(belt *) for shell operations, file writing, and arbitrary Python execution via infsh/python-executor. \n
  • Sanitization: No validation or filtering is applied to data from external searches. \n- [EXTERNAL_DOWNLOADS]: The skill recommends installing the belt CLI and references installation scripts on the vendor's GitHub repository. \n- [COMMAND_EXECUTION]: The skill utilizes the belt utility to execute research tools and data processing tasks. \n- [REMOTE_CODE_EXECUTION]: The skill executes dynamically generated Python code via an executor tool to create visual charts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:47 PM