hugging-face-paper-publisher
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches research paper metadata from the official arXiv API and repository content from the Hugging Face Hub. These connections target well-known scientific and developer platforms and are essential for the skill's stated purpose.
- [COMMAND_EXECUTION]: Orchestrates paper management tasks by executing local Python scripts through the `uv run` tool. These operations are confined to the intended functionality of managing research artifacts.
- [PROMPT_INJECTION]: The skill processes potentially untrusted metadata (titles, abstracts) from the arXiv API. It proactively mitigates indirect injection risks (Category 8) by implementing the following security measures:
  - Ingestion points: External data enters through the `get_arxiv_info` function in `scripts/paper_manager.py`.
  - Boundary markers: Updated content is wrapped in `<!-- paper-manager:start -->` markers in repository README files to delimit managed sections.
  - Capability inventory: Functions include repository write access via `huggingface_hub` and local file creation for research articles.
  - Sanitization: Dedicated `_sanitize_text` and `_escape_yaml_value` functions are used to neutralize markdown code-fence breakouts and YAML document delimiters in untrusted strings before interpolation.
Audit Metadata