Skills
skills/aradotso/trending-skills/aris-autonomous-ml-research/Gen Agent Trust Hub

aris-autonomous-ml-research

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The installation instructions require cloning a repository from a third-party GitHub user (wanshuiyin) that is not identified as a trusted vendor or associated with the stated author ('aradotso').
  • [COMMAND_EXECUTION]: The skill relies on shell commands to install dependencies, set up MCP servers, and orchestrate research workflows. It includes a Python integration example that uses subprocess.run to execute the claude CLI with user-defined research topics.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external research databases and local files.
  • Ingestion points: arXiv, DBLP, CrossRef, Zotero libraries, Obsidian vaults, and local PDF files.
  • Boundary markers: No explicit delimiters are used to separate ingested research content from agent instructions.
  • Capability inventory: Automated GPU experiment execution, LaTeX compilation via pdflatex, and shell command orchestration.
  • Sanitization: The skill does not describe any sanitization or validation of external literature content before it influences automated workflows.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 09:27 AM