nature-experiment-log
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external sources (Feishu messages and images) to generate structured logs.
- Ingestion points: Raw materials like images, voice transcripts, and text are received via CLI or the Feishu integration (SKILL.md).
- Boundary markers: No specific delimiters (e.g., XML tags or backticks) are specified to separate untrusted content from the agent's instructions.
- Capability inventory: The skill performs file system writes to create Markdown logs and appends to index files (
异常记录.md,实验索引.md) within the user's Obsidian vault (SKILL.md). - Sanitization: The instructions do not define any validation or filtering of the content extracted from images or text before writing it to files.
- [EXTERNAL_DOWNLOADS]: The installation guide in README.md recommends cloning a project from a personal GitHub repository ("github.com/Jiahao8595/research-pipeline.git") that does not belong to a trusted organization or well-known service, which introduces an unverified third-party dependency.
Audit Metadata