conf-papers
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches academic paper metadata, abstracts, and citation counts from DBLP (dblp.org) and Semantic Scholar (api.semanticscholar.org) to build recommendations.
- [COMMAND_EXECUTION]: Executes several local Python scripts to scan existing notes, search for new papers, and link keywords within the user's Obsidian vault environment.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the processing of untrusted paper titles and abstracts retrieved from external academic APIs.
- Ingestion points: External data sources including DBLP and Semantic Scholar API responses containing paper titles, abstracts, and author names.
- Boundary markers: There are no explicit delimiters or instructions to treat retrieved metadata as untrusted data or to ignore embedded instructions within the metadata.
- Capability inventory: The skill has the capability to write files to the local file system (Obsidian vault) and trigger subsequent analysis skills such as
paper-analyzeandextract-paper-imagesbased on the retrieved content. - Sanitization: Content retrieved from the academic APIs is used directly in markdown file generation without evidence of sanitization or validation to prevent instruction injection.
Audit Metadata