ljg-paper
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the system
datecommand to generate formatted timestamps for file naming and Org-mode metadata, ensuring proper document organization within the user's environment. - [EXTERNAL_DOWNLOADS]: The skill retrieves academic content from external sources, specifically Arxiv URLs and PDF files, using tools such as
WebFetchand the author's internalljg-fetchutility to obtain data for analysis. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as its core workflow involves ingesting and processing untrusted text from external research papers.
- Ingestion points: The skill reads data from Arxiv URLs, PDF files, and web search results to extract abstracts, introductions, and methodology sections.
- Boundary markers: There are no explicit instructions or delimiters defined to prevent the LLM from following malicious instructions that might be embedded within the content of the academic papers being analyzed.
- Capability inventory: The skill possesses the ability to write files to the local directory
~/Documents/notes/and execute further network-based search and fetch operations. - Sanitization: No sanitization or validation logic is specified to filter the external content before it is processed through the multi-stage analysis pipeline.
Audit Metadata