implement-paper-auto

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE

Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses curl to fetch paper overviews and full text from https://alphaxiv.org. This involves downloading content from a third-party service that is not on the trusted vendor list, which then directly influences automated code generation.
  • [COMMAND_EXECUTION]: Instructions specify executing curl commands using a {PAPER_ID} variable derived from user-provided input. This creates a surface for command injection if the agent fails to strictly parse or sanitize the ID before passing it to the shell.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by fetching untrusted markdown data from AlphaXiv to generate executable Python code.
  • Ingestion points: Markdown content fetched via curl from AlphaXiv as defined in SKILL.md.
  • Boundary markers: The instructions do not define boundary markers or 'ignore' directives to prevent instructions within the paper text from being followed by the agent.
  • Capability inventory: The agent is empowered to generate Python code for Marimo notebooks and create custom JavaScript/Python widgets using the anywidget framework.
  • Sanitization: There are no guidelines provided for validating or sanitizing the external markdown content before it is processed by the LLM for code generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 03:17 PM