paper-comic
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to run shell commands using npx and bun to execute scripts from an external dependency directory ($SKILL_DIR/scripts/main.ts).
- REMOTE_CODE_EXECUTION (MEDIUM): The script execution relies on an untrusted dependency (baoyu-gemini-web) which is not from a trusted source. This poses a risk of executing unverified code on the local system.
- EXTERNAL_DOWNLOADS (MEDIUM): The use of npx -y allows for automatic package downloads and execution. The skill also performs browser-based Google authentication through scripts that are not verified for security.
- INDIRECT_PROMPT_INJECTION (LOW): (1) Ingestion points: Reads academic papers (PDF/Markdown) into the context. (2) Boundary markers: Absent. (3) Capability inventory: File writing, shell execution, and network access via browser automation. (4) Sanitization: Absent. Maliciously crafted papers could attempt to influence prompt generation.
- MALICIOUS_URL (LOW): An automated scanner flagged classic.md for phishing, but manual inspection confirmed only hex color codes are present, suggesting a false positive.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata