resubmit-pipeline
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill enforces a physical isolation policy by creating new sibling directories for resubmissions using standard shell commands (
mkdir,cp), ensuring that original project files remain immutable. - [SAFE]: Security is enhanced through an 'edit whitelist' mechanism that restricts the agent's ability to modify sensitive files (like bibliographies or style files) or perform risky operations (like adding new citations or numerical claims).
- [SAFE]: The workflow incorporates mandatory human checkpoints after each automated iteration, requiring manual review of diffs and compliance reports before proceeding.
- [SAFE]: The skill implements a multi-layer anonymity scan to detect and flag potential identity leaks (authors, affiliations, funding IDs, and internal codenames) before submission, which is a standard safety feature for academic workflows.
- [SAFE]: Integration with external services like Overleaf is handled through delegated platform tools (
/overleaf-sync), which manage authentication securely without exposing credentials to the agent.
Audit Metadata