presentations
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill relies on the 'Paper2All' project (https://github.com/YuhangChen1/Paper2All.git) for its Paper-to-Web/Video/Poster pipelines. This repository belongs to an unverified individual account and is not part of the trusted vendors list.
- [REMOTE_CODE_EXECUTION]: Users are instructed to clone an external repository and run 'pip install -r requirements.txt'. This process downloads and installs unverified third-party dependencies, which could contain malicious code that executes during installation or when the pipeline runs.
- [COMMAND_EXECUTION]: Core workflows involve the execution of system-level commands, including 'google-chrome --headless' for PDF printing, 'ffmpeg' for video assembly, and 'libreoffice' for file conversion. These operations pose a risk if the input data (HTML, LaTeX, or PDF) is crafted to exploit these tools.
- [PROMPT_INJECTION]: The skill's primary function is to ingest and transform untrusted external data, such as academic papers and PowerPoint templates. This creates a surface for indirect prompt injection, where instructions embedded within the processed research content could attempt to override the agent's behavior or exfiltrate information during the conversion process.
Audit Metadata