paper-reading-field-map
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from academic papers, creating an indirect prompt injection surface. This could allow malicious content within a paper to influence the agent's summary or inject code into the generated HTML report. \n
- Ingestion points: External research papers collected via web search or user upload (documented in
seed_papers/andall_papers/). \n - Boundary markers: Output is structured using Markdown templates, but there are no explicit delimiters to segregate paper content from agent instructions. \n
- Capability inventory: The agent can perform web searches and write Markdown and HTML files to the local workspace. \n
- Sanitization: The skill does not specify any sanitization or filtering of the content extracted from papers. \n- [SAFE]: Network operations are restricted to searching well-known academic databases and search engines for paper discovery, which is the stated purpose of the skill.
Audit Metadata