aminer-daily-paper
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/handle_trigger.pyexecutes an internal Python scriptscripts/run_pipeline.pyto process requests. This execution is performed usingsubprocess.runwith a structured list of arguments andsys.executable, which is a secure practice that prevents shell injection vulnerabilities. - [SAFE]: The skill includes defensive programming for file path handling in
scripts/handle_trigger.py. The_resolve_interface_papers_filefunction validates that provided file paths are within the skill's base directory and restricted to the.jsonextension, protecting against path traversal and arbitrary file access. - [SAFE]: Network activity is directed to the documented AMiner API endpoint (
datacenter.aminer.cn). Sensitive information, specifically theAMINER_API_KEY, is managed via environment variables and is not hardcoded within the source files.
Audit Metadata