Skills
skills/ligphidonk/oh-my--paper/inno-paper-reviewer/Gen Agent Trust Hub

inno-paper-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill is designed to ingest and evaluate untrusted scientific documents and presentations. * Ingestion points: Processes external manuscript files and PDF slides using the read_file tool. * Boundary markers: Absent; no delimiters are defined to isolate untrusted content from the agent's instructions. * Capability inventory: The skill utilizes write_file to create figures and executes python scripts to perform image conversion and schematic generation. * Sanitization: Absent; no validation or sanitization of document content is specified before tool use.
  • [COMMAND_EXECUTION]: The skill provides explicit instructions to execute shell commands for workflow tasks. Evidence includes the usage of python scripts/generate_schematic.py to create diagrams and python skills/scientific-slides/scripts/pdf_to_images.py to convert PDF presentations for inspection.
  • [EXTERNAL_DOWNLOADS]: The skill contains references to external repositories and services. Evidence includes a reference to an upstream repository on GitHub (dr-claw/skills/inno-paper-reviewer) and a recommendation to use the k-dense.ai web platform for complex workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 01:26 PM