ov-add-paper

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses the Bash tool to execute the OpenViking CLI ('ov') and a local Python validation script. These actions are performed within the scope of the skill's intended purpose and involve only local or vendor-provided tooling.
  • [SAFE]: The skill includes a Python script ('scripts/validate_ara.py') that performs deterministic structural checks on generated files using standard libraries. The script contains no network operations, dynamic code execution, or unauthorized file access.
  • [SAFE]: The skill interacts with the local OpenViking configuration file at '~/.openviking/ovcli.conf' to enable communication with the platform. This is a standard and transparent use of configuration for the associated CLI tool.
  • [SAFE]: The skill processes external data from research papers (URLs or local paths). The risk of indirect prompt injection is mitigated by instructions requiring factual adherence to the source and the use of a structural validation script to ensure artifact integrity before ingestion.
  • [SAFE]: The skill references an external research artifact pattern on GitHub for documentation purposes. It does not download or execute remote code from this source at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 10:43 AM
Security Audit — agent-trust-hub — ov-add-paper