read-arxiv-paper
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads PDF files and images from arxiv.org, which is a well-known and trusted academic repository. These downloads are required for the skill's primary function of paper analysis.
- [COMMAND_EXECUTION]: Executes shell commands such as
mkdirandcurlto manage files within the user-specified Obsidian vault. These operations are restricted to the directory provided in the environment configuration. - [PROMPT_INJECTION]: The skill ingests and processes full text from external ArXiv papers, presenting a surface for indirect prompt injection where malicious instructions in a paper could influence the agent's output.
- Ingestion points: Full paper content extracted from PDF and HTML sources at arxiv.org.
- Boundary markers: No delimiters are used to separate paper content from agent instructions, and there are no warnings to ignore embedded commands.
- Capability inventory: File system writing and directory management, plus network access via
curl. - Sanitization: The skill does not perform any sanitization of the text extracted from papers before summarizing.
Audit Metadata