skills/lijigang/ljg-skills/ljg-paper/Gen Agent Trust Hub

ljg-paper

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the date utility to generate formatted timestamps for filenames and Org-mode headers. While these specific commands (date +%Y%m%dT%H%M%S) are low-risk, they involve subprocess execution.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests content from untrusted external sources (arXiv, PDFs, and web search results) and processes this data to generate output. An attacker could embed malicious instructions within a paper's text to influence the agent's behavior during analysis.
    • Ingestion points: Processes content from arxiv URL, paper URL, PDF, and WebSearch results.
    • Boundary markers: Absent. There are no explicit delimiters or instructions to ignore embedded commands in the source text.
    • Capability inventory: File writing to ~/Documents/notes/ and shell execution of the date command.
    • Sanitization: None detected. The skill directly interprets extracted text without filtering for instruction-like patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 12:16 PM