daily-paper-generator
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) as it ingests and summarizes untrusted external text. Ingestion points: arXiv paper abstracts and metadata retrieved via browser automation and the
arxiv_search.pyscript. Boundary markers: Absent; the skill lacks instructions to isolate external content or warn the agent against commands embedded in abstracts. Capability inventory: The skill has the ability to navigate the web, write files to thedaily paper/directory, and execute local Python scripts. Sanitization: Absent; the content is processed directly for summary generation. - [EXTERNAL_DOWNLOADS]: The skill facilitates data retrieval from
arxiv.org, a well-known and reputable academic repository. - [COMMAND_EXECUTION]: The skill includes a local helper script,
scripts/arxiv_search.py, which is used for querying the arXiv API and depends on the standardfeedparserlibrary.
Audit Metadata