huggingface-papers
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- Command Execution: The skill uses curl to interact with official Hugging Face API endpoints for retrieving paper metadata and content.
- Indirect Prompt Injection Surface: The skill retrieves external content from huggingface.co and arxiv.org (Ingestion points). The instructions do not define explicit boundary markers to separate the paper content from agent instructions (Boundary markers), nor do they specify sanitization procedures for the retrieved text (Sanitization). The agent maintains capabilities to interact with Hugging Face account settings via POST requests if an auth token is provided (Capability inventory).
- Credential Handling: The skill uses the $HF_TOKEN environment variable for authentication, which is a standard and secure practice for managing API access.
Audit Metadata