grant-proposal-review

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted data from user-uploaded grant application documents (PDF or text).
  • Ingestion points: The skill reads application files via the Read tool as specified in the required inputs.
  • Boundary markers: The instructions do not define clear delimiters or use "ignore embedded instructions" directives when processing the document content, making the agent potentially susceptible to instructions hidden within the grant proposal.
  • Capability inventory: The agent has access to WebSearch, WebFetch, and Bash tools. If a malicious application file contained adversarial instructions or payloads, the agent might inadvertently execute them using these tools.
  • Sanitization: There are no explicit content validation or sanitization steps for the text extracted from the uploaded files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 04:49 AM