ljg-paper-flow

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill includes instructions to bypass a specific platform execution model (the seven-step Algorithm workflow) in favor of a 'NATIVE' mode. While this overrides standard operating procedures, it is done to streamline the specific multi-tool pipeline rather than to bypass safety or ethical guidelines.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it ingests untrusted data from external sources, including ArXiv URLs, paper PDFs, and web links.
      • Ingestion points: User-provided paper links and file paths are extracted and passed to subsequent tools.
      • Boundary markers: The instructions do not define explicit delimiters or 'ignore' instructions for the content of the processed papers.
      • Capability inventory: The skill has the capability to execute the ljg-paper and ljg-card tools (SKILL.md).
      • Sanitization: There is no mention of sanitization or validation of the text extracted from the external papers before it is processed by the subagents.
  • [COMMAND_EXECUTION]: The skill orchestrates the execution of two vendor-prefixed tools, ljg-paper and ljg-card. This usage is consistent with the author's identity ('lijigang') and represents the core intended functionality of a workflow aggregator.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 06:12 AM