read-research-paper
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches research paper data and metadata from academic repositories including arXiv (`export.arxiv.org`) and Crossref (`api.crossref.org`). These are well-known and trusted services for scientific research.
- [COMMAND_EXECUTION]: The freshness protocol in `instructions/freshness.md` uses the system `date` command (`date -u +%Y-%m-%d`) to anchor research findings to the current date. This is a benign and standard practice for ensuring temporal accuracy.
- [DYNAMIC_EXECUTION]: The script `toolchains/read_any_file.py` utilizes the `__import__` function to conditionally load optional third-party libraries (e.g., `pdfplumber`, `pandas`, `beautifulsoup4`). This is a standard Python pattern for feature detection and dependency management without requiring all libraries at runtime.
- [PROMPT_INJECTION]: The skill processes untrusted external data (research papers) as its primary input. To mitigate indirect prompt injection risks, the skill uses specific delimiters (`<<< ... >>>`) in its parsing prompts (e.g., `prompts/parse-paper.md`) and enforces strict constraints requiring the model to adhere exclusively to the extracted text.
  - Ingestion points: Reads files and URL content via `toolchains/read_any_file.py` and `toolchains/fetch_paper.py`.
  - Boundary markers: Uses `<<< ... >>>` delimiters in all data-parsing prompts.
  - Capability inventory: Includes filesystem read/write for caching, network access for fetching papers, and basic shell command execution for the system clock.
  - Sanitization: Prompt instructions (e.g., `prompts/plain-english.md`) mandate strict adherence to source text and prohibit the fabrication of facts.
Audit Metadata