write-survey

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute make survey and make check commands. These are standard development operations for building LaTeX documents and running validation scripts. They are localized to the project environment and do not involve untrusted external inputs.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes content from various synthesis files (sota/papers/<citekey>/synthesis.md). While these files are external data sources that could theoretically contain instructions to influence the agent, the skill defines a strict, structured workflow for LaTeX generation which minimizes the risk of the agent obeying embedded commands.
  • Ingestion points: sota/papers/<citekey>/synthesis.md and sota/index.md.
  • Boundary markers: None explicitly defined in the prompt template.
  • Capability inventory: File system read/write access and execution of make commands.
  • Sanitization: Not explicitly mentioned, but the instructions focus on extracting specific academic contributions rather than executing text as commands.
  • [DATA_EXPOSURE]: The skill accesses local project files such as sota/index.md and references.bib. This access is necessary for its primary purpose of survey generation and does not involve exfiltrating data to external servers or accessing sensitive system directories (e.g., SSH keys or environment secrets).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 02:02 PM
Security Audit — agent-trust-hub — write-survey