daily-paper-generator

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes external paper abstracts and metadata from arXiv. Maliciously crafted paper content could potentially influence the agent's output or downstream actions.
    • Ingestion points: arXiv titles, abstracts, and metadata are retrieved via Chrome browser tools and the arxiv_search.py script.
    • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the fetched content.
    • Capability inventory: The skill has permissions to write files to the local daily paper/ directory and perform network operations via browser tools.
    • Sanitization: No explicit sanitization or validation of the retrieved external content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 07:41 AM