paperbanana
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The connectivity probe script `scripts/probe_openrouter_models.py` prints the first 6 and last 4 characters of the `OPENROUTER_API_KEY` to the standard output, risking partial credential exposure in logs.
- [COMMAND_EXECUTION]: The skill uses the `paperbanana` and `paperbanana-mcp` command-line tools to execute generation and evaluation tasks, which involve local file system access and subprocess management.
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to the OpenRouter API (openrouter.ai) for model verification and inference, which is a well-known technology service.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection when processing methodology or data files.
  - Ingestion points: The skill reads content from methodology text files and statistical data files (CSV/JSON) provided by the user.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed files.
  - Capability inventory: The skill possesses capabilities to execute commands and communicate with network APIs based on instructions influenced by the input data.
  - Sanitization: No evidence of sanitization or validation of the input file content is present in the provided scripts.
Audit Metadata