paper-summary
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection from processed documents.
  • Ingestion points: Content is fetched from arbitrary URLs or local file paths defined in the skill arguments in SKILL.md.
  • Boundary markers: No delimiters or protective instructions are used to isolate the paper content from the agent instructions.
  • Capability inventory: The skill utilizes network access for fetching content and file system access for reading/writing files.
  • Sanitization: No sanitization or validation of the fetched content is performed before summarization.
- [EXTERNAL_DOWNLOADS]: The skill fetches data from external, non-whitelisted URLs or DOIs provided at runtime. While the intended use case is academic papers, this mechanism can be used to pull content from any remote server.
- [NO_CODE]: The skill is defined entirely through natural language instructions and does not include any accompanying executable scripts or binaries.
Audit Metadata