paper-2-web
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill instructs the user to download standard, reputable software including LibreOffice and Poppler from official sources. It also references a public GitHub repository (YuhangChen1/Paper2All) for the core project code.
- [CREDENTIALS_UNSAFE] (SAFE): While the skill requires API keys (OpenAI, OpenRouter, Google), it instructs the user to provide their own via a
.envfile and correctly uses placeholders likeyour_openai_api_key_herein documentation, which is a standard safe practice. - [COMMAND_EXECUTION] (SAFE): The provided shell commands are standard for environment setup (
git clone,pip install,apt-get install) and running the local Python pipeline. These are expected for a skill of this nature. - [DATA_EXFILTRATION] (SAFE): No unauthorized network operations or exfiltration patterns were detected. Network activity is limited to legitimate API calls to configured LLM providers.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to bypass safety filters or override agent behavior were found in the documentation or metadata.
Audit Metadata