yao-geo-knowledge-base-builder

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/render_four_format.py utilizes the subprocess.run function to invoke the external pdftoppm utility for generating PDF preview images. The implementation is secure as it passes arguments as a list rather than a shell string, which prevents command injection vulnerabilities.
  • [SAFE]: The skill implements a robust evidence-tiering system (A-D) and requires a 'real-data acquisition boundary' section in its reports. This design demonstrates a security-conscious approach to handling untrusted external data by explicitly separating verified official facts from unverified or pending claims.
  • [SAFE]: The Python rendering script uses standard libraries and well-known dependencies for document processing. It does not perform any network operations, and its file system interactions are restricted to the output directories specified by the user.
  • [PROMPT_INJECTION]: The skill involves ingesting data from external websites and user-provided files, which is an inherent part of its brand-research purpose. This creates an indirect prompt injection surface; however, the skill includes explicit instructions for the agent to use boundary markers and validation rubrics, which mitigates the risk of the agent following instructions embedded in the analyzed content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 10:56 AM
Security Audit — agent-trust-hub — yao-geo-knowledge-base-builder