ml-paper-writing
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: A thorough analysis of the skill instructions, template files, and scripts revealed no malicious patterns, obfuscation, or credentials theft.
- [EXTERNAL_DOWNLOADS]: The NeurIPS 2025 template directory includes a Makefile that fetches official style files from media.neurips.cc, a recognized and trusted domain for the NeurIPS conference.
- [COMMAND_EXECUTION]: The skill instructs the agent to utilize standard Unix utilities like ls, find, and grep to understand repository structures, and typesetting tools such as pdflatex, bibtex, and latexmk to generate paper PDFs. These operations are necessary and appropriate for the skill's stated academic purpose.
- [REMOTE_CODE_EXECUTION]: The skill recommends the installation of the Exa MCP server (mcp.exa.ai) to enhance literature search capabilities. This is documented as a recommendation for the user and targets a well-known academic search service.
- [PROMPT_INJECTION]: The skill features a workflow for ingesting data from research repositories, which constitutes a potential surface for indirect prompt injection. • Ingestion points: Exploration of files via ls, find, and grep commands as outlined in SKILL.md. • Boundary markers: Absent for the ingestion of file content. • Capability inventory: Subprocess execution for shell commands and network access to scholarly APIs (Semantic Scholar, arXiv, and CrossRef). • Sanitization: Absent; however, the skill prioritizes human verification of all generated drafts and citations, mitigating the risk of accidental obedience to embedded instructions.
Audit Metadata