deepxiv-cli

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation instructs the user to install the deepxiv-sdk package. This is a vendor-owned resource required for the core functionality of the CLI and its integrated AI agent.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external academic sources (arXiv and PubMed Central), which serves as a surface for indirect prompt injection attacks.
      • Ingestion points: Full paper text, summaries, and metadata retrieved through commands like deepxiv paper and deepxiv search (SKILL.md).
      • Boundary markers: No explicit delimiters or specialized instructions are mentioned to differentiate external paper content from the agent's system instructions.
      • Capability inventory: The skill provides automated search and retrieval capabilities and includes an 'agent' command for multi-turn reasoning and analysis of documents.
      • Sanitization: There is no description of content sanitization or validation procedures for the data retrieved from external repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 12:04 PM