systematic-literature-review

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill interfaces with the public arXiv API (export.arxiv.org) to retrieve research paper metadata. This is a well-known academic service, and the data fetched is restricted to public abstracts and citation details, presenting no risk of data exfiltration or malicious payload delivery.
  • [COMMAND_EXECUTION]: The skill utilizes a local Python script (scripts/arxiv_search.py) to handle API interactions. The script follows secure development practices, including the use of standard libraries, proper URL parameter encoding, and robust XML parsing via xml.etree.ElementTree.
  • [PROMPT_INJECTION]: The skill processes untrusted external content (abstracts). This potential indirect prompt injection surface is effectively mitigated by the skill's architecture, which delegates extraction to subagents with strict JSON schemas. This prevents external instructions from influencing the main agent's executive logic.
  • [SAFE]: Overall, the skill exhibits high-quality implementation with clear boundaries, adherence to academic standards, and no detected malicious patterns or bypass techniques.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 03:34 AM