arxiv-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access patterns were detected. The skill correctly utilizes well-known academic resources.
- [PROMPT_INJECTION]: The skill processes external data (titles and summaries) from the arXiv API, which constitutes an indirect prompt injection surface. This is a low-risk, inherent characteristic of information retrieval skills.
  - Ingestion points: The search_arxiv function in SKILL.md processes external XML responses.
  - Boundary markers: None are explicitly defined in the provided code snippets.
  - Capability inventory: The skill lacks dangerous capabilities such as arbitrary shell execution or file-system writing, which limits the potential impact of processed data.
  - Sanitization: The example code truncates summaries to 200 characters, providing a basic form of data limitation.