daily-papers-notes

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to run local Python scripts (python3 ../_shared/generate_concept_mocs.py and python3 ../_shared/generate_paper_mocs.py) for index refreshing.
  • [COMMAND_EXECUTION]: The skill performs Git automation including git add, git commit, and git push within the user's vault path to maintain version history of notes.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external, potentially untrusted data to drive its workflow.
    • Ingestion points: Data is read from /tmp/daily_papers_enriched.json and markdown files located in the {DAILY_PAPERS_PATH} directory.
    • Boundary markers: The skill does not employ explicit boundary markers or 'ignore' instructions to isolate processed content from its logic.
    • Capability inventory: The agent has the ability to execute shell commands, perform Git operations, delete files (replacing poor-quality notes), and invoke the /paper-reader skill.
    • Sanitization: There is no evidence of sanitization or validation for the 'method_names' or 'paper titles' extracted from files before they are used in file path construction or logic branching.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 02:29 AM