arxiv
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves academic metadata and paper information from the official APIs of arXiv (export.arxiv.org) and Semantic Scholar (api.semanticscholar.org). These are well-known and trusted academic research services.
- [COMMAND_EXECUTION]: Provides shell command examples using `curl` and `python3`. While automated scans flagged these as potential remote code execution patterns due to shell pipes, manual analysis confirms they are used for parsing XML/JSON data with inline Python scripts or local files. The skill treats the remote response as data input for processing rather than executing it as a script.
- [PROMPT_INJECTION]: The skill processes untrusted text (abstracts and titles) from external repositories, which presents a surface for indirect prompt injection. This is a low-risk finding typical of research tools that ingest external text content; risk is mitigated by the use of structured XML/JSON parsing.
- [SAFE]: The provided helper script `scripts/search_arxiv.py` and the Markdown code snippets use only Python standard libraries for data processing and correctly sanitize search parameters before API requests.
Audit Metadata