fetch-arxiv-recent
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches scientific literature from
export.arxiv.org, which is a well-known and reputable service for academic preprints. This is standard functionality for the skill's stated purpose. - [COMMAND_EXECUTION]: The skill performs local file writes to
.cache/to store raw XML responses. This is a common performance optimization for data-fetching skills and does not pose a security risk in this context. - [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive data access or unauthorized network operations were detected. The skill interacts solely with the public arXiv API without requiring authentication or API keys.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted content (titles and abstracts) from arXiv. However, it handles this risk by:
- Ingestion points: XML data from
export.arxiv.org(SKILL.md Step 4). - Boundary markers: Normalizing data into a structured JSON schema for the calling agent.
- Capability inventory: Limited to network GET requests and local caching; no dangerous shell or dynamic execution capabilities.
- Sanitization: Collapsing whitespace and parsing through an Atom XML parser, which reduces the likelihood of control characters influencing the agent.
Audit Metadata