paper-check
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it is designed to analyze external documents provided by users.\n
- Ingestion points: Processes untrusted data from PDF files attached via the
--attachflag in thecodex ecommand.\n - Boundary markers: No explicit delimiters or instructions for the agent to ignore embedded instructions are documented in the README.\n
- Capability inventory: The skill analyzes content for logic, terminology, and structure across multiple sections (Title, Abstract, Introduction, etc.).\n
- Sanitization: No sanitization or input validation mechanisms for the attached PDF content are mentioned.
Audit Metadata