yao-geo-content-refiner
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill processes external text and knowledge base data as its primary function. It implements a robust 'atomic fact' and 'evidence verification' framework to mitigate indirect prompt injection risks. Ingestion points (SKILL.md, references/data-access-and-verification.md) are clearly defined, and the skill enforces source categorization and evidence status requirements. Capability inventory is limited to local file generation, and the provided rendering script (render_content_refiner_bundle.py) includes standard sanitization such as HTML escaping.
- [SAFE]: Instructions in references/artifact-layout.md suggest the manual use of standard utilities like 'pdftoppm' for layout quality verification. This is an informative developer instruction and does not involve any automated command execution or subprocess spawning.
- [SAFE]: The included Python script (render_content_refiner_bundle.py) uses standard, well-known libraries (python-docx, reportlab) for document generation. It does not perform network operations or use unsafe dynamic execution patterns like 'eval' or 'exec' on input data.
- [SAFE]: The skill explicitly defines data access boundaries, distinguishing between public, user-provided, and authorized API data. It includes clear prohibitions against unauthorized data access or bypassing security controls.
Audit Metadata