ljg-paper-river
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to utilize shell commands to generate timestamps for file naming and organization. Specifically, it uses
date +%Y%m%dT%H%M%Sanddate "+%Y-%m-%d %a %H:%M"to create unique identifiers and metadata for the generated research notes. - [EXTERNAL_DOWNLOADS]: The skill is designed to fetch external content from public research repositories and the web using tools like
WebFetch(for arXiv URLs) andWebSearch. This is the intended primary purpose of the skill to facilitate paper analysis. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests and processes untrusted data from external research papers and search results.
- Ingestion points: Research paper content, abstracts, and citations are retrieved from external URLs and PDFs via the
WebFetch,Read, andWebSearchtools as described inSKILL.md. - Boundary markers: The instructions do not specify the use of clear delimiters or instructions to ignore embedded commands within the ingested paper text.
- Capability inventory: The skill has the capability to write the resulting analysis into the local file system at
~/Documents/notes/. - Sanitization: There are no explicit requirements for sanitizing or filtering the content of the ingested papers before processing.
Audit Metadata