academic-search
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions and Python script were analyzed for prompt injection patterns. No override, bypass, or developer mode instructions were found. The skill processes external data (paper abstracts) from arXiv, creating an indirect prompt injection surface.
  - Ingestion points: Paper titles and abstracts are retrieved from the arXiv API in `arxiv_search.py`.
  - Boundary markers: The output formatters in `arxiv_search.py` use clear delimiters (markdown headers, horizontal rules, or '=' symbols) to separate external content.
  - Capability inventory: The skill has no dangerous capabilities; it cannot write files, execute subprocesses, or perform arbitrary network operations.
  - Sanitization: Basic formatting like newline removal is performed, which is sufficient given the lack of exploitable capabilities.
- [EXTERNAL_DOWNLOADS]: The skill requires the `arxiv` Python package. This is a well-known and trusted library used for interacting with the official arXiv API. No untrusted remote scripts or binaries are downloaded.
- [COMMAND_EXECUTION]: The script uses `argparse` for command-line argument handling and does not invoke any shell commands or subprocesses. All operations are performed within the Python environment using established libraries.
- [DATA_EXFILTRATION]: No sensitive file paths are accessed, and no hardcoded credentials were detected. Network activity is limited to legitimate requests to the arXiv repository to fetch academic metadata.
Audit Metadata