abstract-searcher
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches academic paper data and abstracts from well-known services including arXiv, Semantic Scholar, CrossRef, and OpenAlex. These are trusted academic sources and the operations are consistent with the skill's purpose.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes paper abstracts and browser snapshots from external sources without sufficient delimiters. Evidence chain:\n
- Ingestion points: API responses in
scripts/add_abstracts.pyand browser snapshots described inSKILL.md.\n - Boundary markers: Absent; the fetched content is not wrapped in protective delimiters or accompanied by instructions to ignore embedded prompts.\n
- Capability inventory: Performs network requests via
urllib.requestand utilizes browser automation tools (tabs, open, snapshot, act) via a Chrome profile session.\n - Sanitization: The
clean_abstractfunction inscripts/add_abstracts.pyprovides minimal sanitization by removing newlines and excessive whitespace, which does not prevent instruction execution.
Audit Metadata