autor

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on executing a local Python script (python main.py) to drive its 8-stage research pipeline.
  • [PROMPT_INJECTION]: The framework ingests untrusted data from external research papers and code repositories. 1. Ingestion points: Data enters via parameters like --paper-corpus and --project-root as described in SKILL.md. 2. Boundary markers: There are no explicit instructions to ignore embedded commands in the processed data. 3. Capability inventory: The skill performs local command execution and generates experiment code (Stages 04 and 05). 4. Sanitization: No specific sanitization or filtering of external content is defined in the instructions.
  • [COMMAND_EXECUTION]: The pipeline includes stages for code implementation and experimentation, which involves executing dynamically generated code on the local system.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 02:18 AM
Security Audit — agent-trust-hub — autor