nature-experiment-log

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external sources (Feishu messages and images) to generate structured logs.
  • Ingestion points: Raw materials like images, voice transcripts, and text are received via CLI or the Feishu integration (SKILL.md).
  • Boundary markers: No specific delimiters (e.g., XML tags or backticks) are specified to separate untrusted content from the agent's instructions.
  • Capability inventory: The skill performs file system writes to create Markdown logs and appends to index files (异常记录.md, 实验索引.md) within the user's Obsidian vault (SKILL.md).
  • Sanitization: The instructions do not define any validation or filtering of the content extracted from images or text before writing it to files.
  • [EXTERNAL_DOWNLOADS]: The installation guide in README.md recommends cloning a project from a personal GitHub repository ("github.com/Jiahao8595/research-pipeline.git") that does not belong to a trusted organization or well-known service, which introduces an unverified third-party dependency.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 12:02 AM
Security Audit — agent-trust-hub — nature-experiment-log