alphaxiv-paper-lookup

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl via the Bash tool to interact with the AlphaXiv API. While the instructions include logic for parsing identifiers like PAPER_ID, the use of shell commands with variables derived from user input presents a potential surface for command injection if the agent fails to properly sanitize the extracted input.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes external data from third-party URLs (AlphaXiv and arXiv) to generate summaries. An attacker could potentially influence the agent's behavior by embedding malicious instructions within the paper text or overviews.
  • Ingestion points: Data is fetched from api.alphaxiv.org and alphaxiv.org in Step 3 and Step 4 of the workflow.
  • Boundary markers: Absent. The skill does not provide specific delimiters or instructions to the agent to treat the fetched content as untrusted data.
  • Capability inventory: The agent has access to Bash(curl *) and WebFetch tools, which could be exploited if the agent is manipulated by injected instructions.
  • Sanitization: No sanitization or validation of the fetched content is specified before it is processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 03:16 PM