skills/wanshuiyin/auto-claude-code-research-in-sleep/auto-paper-improvement-loop/Gen Agent Trust Hub
auto-paper-improvement-loop
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to manage the paper improvement process. It concatenates LaTeX source files, runs `latexmk` for compilation, and executes an inline Python script to verify consistency between main-body theorems and appendix restatements. It also reads configuration from `~/.claude/feishu.json` to send notifications.
- [PROMPT_INJECTION]: The skill processes untrusted LaTeX source code which is interpolated into prompts for the reviewer LLM, creating a surface for indirect prompt injection.
  - Ingestion points: LaTeX files from the `paper/sections/` directory are read and passed to the `mcp__codex__codex` tool during the review phases (Steps 2 and 5).
  - Boundary markers: The prompt structure uses clear markdown headers (e.g., `## Paper Files:`) to separate the paper content from the senior reviewer instructions.
  - Capability inventory: The skill possesses `Bash`, `Write`, and `Edit` tools, allowing it to modify the filesystem and recompile documents based on LLM-generated fixes.
  - Sanitization: No explicit sanitization or escaping of the LaTeX source content is performed before it is included in the LLM prompt.
Audit Metadata