The Agent Skills Directory

[SAFE]: No malicious behavior or high-risk patterns were detected during analysis.
[EXTERNAL_DOWNLOADS]: Fetches academic paper metadata and RSS feeds from official arXiv domains (export.arxiv.org, arxiv.org). These are well-known academic services, and the operations are consistent with the skill's purpose.
[COMMAND_EXECUTION]: Provides Python code for querying APIs and parsing XML using standard modules (urllib.request, xml.etree.ElementTree). No arbitrary shell command execution, subprocess calls, or unsafe evaluation of strings were found.
[DATA_EXFILTRATION]: Network activity is limited to retrieving public academic records. No access to sensitive local files, system environment variables, or hardcoded credentials was identified.
[PROMPT_INJECTION]: The skill processes paper abstracts from an external source, which represents a potential surface for indirect prompt injection.
Ingestion points: arXiv API and RSS feeds.
Boundary markers: None present in the example code snippets.
Capability inventory: Python network requests and XML parsing for research data retrieval.
Sanitization: Abstract text is truncated to 200 characters in the example code.

arxiv-automation