digest-paper

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes full-text PDF files from external sources to generate synthesis. This creates an indirect prompt injection surface where a malicious document could attempt to manipulate the agent.
  • Ingestion points: paper.pdf (read in full-text mode).
  • Boundary markers: None provided.
  • Capability inventory: Modifies local bibliography and index files, and executes the make check command.
  • Sanitization: No content validation or sanitization is specified.
  • [COMMAND_EXECUTION]: Step 11 of the procedure executes make check from the project root, which runs shell commands defined in a local Makefile.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from scholarly MCP servers (e.g., Semantic Scholar, arXiv) and downloads PDF files from external repositories, including fallback services like Sci-Hub.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 10:13 AM
Security Audit — agent-trust-hub — digest-paper