paper-interpretation-flow
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (PDFs and web pages), which constitutes an indirect prompt injection surface. A maliciously crafted document could contain instructions intended to bypass agent constraints or influence subsequent analysis steps.
  - Ingestion points: Paper URLs, arXiv links, and PDF file paths extracted from user messages, as described in SKILL.md.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the workflow orchestration.
  - Capability inventory: The skill orchestrates the 'paper-interpretation' and 'card' tools to read document content and write output files (.org and .png).
  - Sanitization: The workflow does not specify validation or sanitization steps for content fetched from external sources before the agent processes it.