ljg-paper-river
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted research papers from external sources, creating an indirect prompt injection surface.
- Ingestion points: External research papers fetched via academic URLs, web searches, or read from PDF files.
- Boundary markers: The instructions do not define boundary markers or explicit warnings to the agent to ignore embedded instructions within the ingested paper text.
- Capability inventory: The agent uses network tools for fetching content and search, and has write access to the local file system for saving notes.
- Sanitization: There is no evidence of sanitization or filtering of the ingested external content.
- [DATA_EXFILTRATION]: The skill fetches research paper data from well-known academic sources and the web to perform analysis. These operations involve network access to external domains as part of the primary research functionality.
- [COMMAND_EXECUTION]: The skill instructions specify the use of system utilities like the date command to generate unique identifiers and timestamps for document organization and file naming.
Audit Metadata