paper-interpretation
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE; flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from academic papers via URLs and PDF files.
  1. Ingestion points: Content is retrieved using WebFetch for URLs and Read for PDF/local files.
  2. Boundary markers: The instructions do not specify delimiters or warnings to ignore instructions within the fetched papers, although a structured Org-mode template is used for the final output.
  3. Capability inventory: The skill allows writing to the local file system (~/Documents/notes/) and performing web searches.
  4. Sanitization: No sanitization process for the external paper content is described prior to its analysis and summary generation.
- [COMMAND_EXECUTION]: The agent is instructed to use the date command to generate timestamps for filenames and document headers, which is a standard utility for file organization.