ljg-paper
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches academic paper content and overview images from well-known technology services like arXiv.org and via standard web search to facilitate its primary function.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface as it processes untrusted external data.
  - Ingestion points: Research papers retrieved from arXiv URLs, uploaded PDFs, and web search results.
  - Boundary markers: The skill enforces a strict Org-mode structure and requires the use of a mandatory reference template (references/template.org).
  - Capability inventory: The agent is instructed to use tools for network fetching (WebFetch, WebSearch), file reading (Read), and local file writing (Write) to ~/Documents/notes/.
  - Sanitization: The agent is constrained by explicit stylistic 'Red lines' that require it to synthesize and rewrite content into plain language, which serves as a functional barrier against the verbatim execution of embedded instructions.
- [SAFE]: No malicious patterns such as credential harvesting, unauthorized command execution, or obfuscated code were detected. The skill's operations are transparent and aligned with its documented purpose.
Audit Metadata