paper-analyze
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads research papers and LaTeX source archives directly from arXiv.org. As a well-known and reputable service for academic preprints, these downloads are considered safe and routine for the skill's stated purpose.\n- [COMMAND_EXECUTION]: Extensive use of Bash is made to manage the local environment, including directory creation, file downloading with curl, archive extraction with tar, and the execution of local Python scripts for data processing and knowledge graph updates.\n- [PROMPT_INJECTION]: The skill's primary function—summarizing external papers—inherently creates an indirect prompt injection surface where instructions hidden in a paper's text could potentially influence the agent. However, this is a known risk for any content-processing tool.\n
- Ingestion points: Data is ingested from external URLs via curl and WebFetch (found in SKILL.md).\n
- Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions for the ingested text.\n
- Capability inventory: The skill possesses capabilities for file system operations (Bash, Write) and network access (WebFetch).\n
- Sanitization: The included Python script 'scripts/generate_note.py' employs regex to sanitize paper titles and domain names, effectively preventing directory traversal vulnerabilities.
Audit Metadata