extract-paper-images
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads research papers and source packages from
arxiv.org. This is a well-known academic repository, and the download is triggered by user-specified paper IDs. - [COMMAND_EXECUTION]: The script
scripts/extract_images.pyperforms extraction of tarball archives. It implements a security check to prevent path traversal attacks by validating that archive members do not use absolute paths or '..' directory markers. - [DATA_EXFILTRATION]: No unauthorized data transmission or access to sensitive system files (e.g., credentials, SSH keys) was identified. Network operations are limited to fetching paper content.
- [SAFE]: The skill's behavior matches its stated purpose. No obfuscation, prompt injection, or suspicious privilege escalation attempts were found.
Audit Metadata