deepxiv-baseline-table
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were found. The skill operates within its stated purpose using vendor-provided tools.
- [DATA_EXFILTRATION]: The skill uses the deepxiv CLI to interact with research paper repositories. It does not access sensitive local files (like credentials or SSH keys) or exfiltrate private data. Network operations are limited to the intended research functionality.
- [PROMPT_INJECTION]: The skill ingests untrusted external data by reading research paper sections via
deepxiv paper <id> --section. - Ingestion points: External text from arXiv papers is pulled into context in
SKILL.md. - Boundary markers: Absent; the instructions do not specify delimiters for paper content.
- Capability inventory: The skill can search, read sections, and write markdown files to the local workspace.
- Sanitization: No explicit sanitization of paper content is performed. While this represents a surface for indirect prompt injection, the risk is inherent to the research use case and managed by standard LLM guardrails.
Audit Metadata