implement-paper
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Categories: DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill uses curl to fetch markdown content from alphaxiv.org (in references/fetching-papers.md). This involves network operations to a non-whitelisted domain to retrieve external data based on user input.
- [INDIRECT_PROMPT_INJECTION]: The skill is vulnerable to instructions embedded in the external papers it fetches, which could influence the agent's notebook planning and code generation stages.
  - Ingestion points: Research paper overviews and full texts are retrieved from alphaxiv.org via curl (as described in references/fetching-papers.md).
  - Boundary markers: There are no boundary markers or instructions directing the agent to ignore potential commands embedded within the retrieved research paper text.
  - Capability inventory: The agent can generate and execute Python code in marimo notebooks, create JavaScript components via anywidget, and perform file system operations using pathlib (referenced in references/anywidget.md).
  - Sanitization: The skill does not implement sanitization or validation of the paper content before using it to generate the notebook's structure and executable code.
- [DYNAMIC_EXECUTION]: The skill involves dynamic code generation where the agent writes Python notebooks and JavaScript widgets based on external descriptions. The anywidget reference specifically encourages embedding JavaScript in Python strings and supports loading code from external paths via pathlib.
Audit Metadata