literature-search-arxiv
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches paper metadata and full-text documents from official arXiv domains (arxiv.org and export.arxiv.org). These are trusted and well-known academic repositories.
- [COMMAND_EXECUTION]: Executes local Python scripts using `uv run` for search and download operations. The skill also provides instructions for managing files and extracting archives using standard shell commands like `mkdir` and `tar`.
- [PROMPT_INJECTION]: Processes untrusted content from arXiv papers, which creates an indirect prompt injection surface where maliciously crafted paper metadata or content could attempt to influence the agent's behavior.
  - Ingestion points: Paper titles, summaries, and full-text content retrieved via `scripts/search_arxiv.py` and `scripts/download_paper.py`.
  - Boundary markers: None. The skill does not provide instructions to use delimiters or ignore embedded instructions within the retrieved content.
  - Capability inventory: The skill includes tools for file writing and command execution.
  - Sanitization: No sanitization of the retrieved paper content is performed before it is processed by the agent.
Audit Metadata