deepxiv
Warn
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill is vulnerable to command injection because it interpolates user-provided input from `$ARGUMENTS` directly into shell command templates (e.g., `python3 tools/deepxiv_fetch.py search "QUERY"`). If a user provides arguments containing shell metacharacters such as `;`, `&`, or backticks, it could lead to the execution of arbitrary commands.
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install an external third-party package (`deepxiv-sdk`) via pip. It also depends on a local adapter script (`tools/deepxiv_fetch.py`) whose content and safety cannot be verified within this context.
- [DATA_EXFILTRATION]: The documentation states that the tool automatically stores authentication tokens in the `~/.env` file. This path is a sensitive location that often contains other private environment variables and project secrets. Accessing or modifying this file via the broad `Bash(*)` permissions granted to the skill poses a risk to system credentials.
Audit Metadata