arxiv-to-md
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (MEDIUM): The skill uses override markers to bypass agent safety analysis. Evidence: 'Do NOT explore or analyze first' (SKILL.md) and 'IMMEDIATELY invoke... Do NOT explore first' (CLAUDE.md).
- COMMAND_EXECUTION (LOW): Executes a local Python orchestrator script. Evidence: 'python3 -m skills.arxiv_to_md.main'.
- EXTERNAL_DOWNLOADS (LOW): Downloads TeX source from arxiv.org.
- DATA_EXFILTRATION (LOW): Reads filesystem metadata in the current directory to discover IDs.
- PROMPT_INJECTION (LOW): Potential for indirect prompt injection via untrusted arXiv TeX data.
  1. Ingestion point: arXiv TeX via sub_agent.py.
  2. Boundary markers: Absent.
  3. Capability inventory: subprocess (pandoc), python execution, file system access.
  4. Sanitization: Absent.
Audit Metadata