paper-illustration-image2
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a project-local helper script at `tools/paper_illustration_image2.py` for preflight checks, finalization of artifacts, and verification. This follows a standard integration pattern for complex agent workflows on platforms like Claude Code.
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by processing external user-provided text (e.g., paper abstracts or method descriptions) during the prompt engineering and review stages.
  - Ingestion points: User requests and paper documentation referenced in the `SKILL.md` workflow.
  - Boundary markers: Absent; the skill does not use specific delimiters or instructions to wrap user-provided data in prompts.
  - Capability inventory: Includes `Bash` for command execution and `Write` for file system access as described in the orchestration steps.
  - Sanitization: Not present; the skill summarizes user content but does not perform sanitization for embedded instructions before interpolation.
Audit Metadata