Skills
skills/wentorai/research-plugins/chatpaper-guide/Gen Agent Trust Hub

chatpaper-guide

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill guides the user to download source code from an external repository (https://github.com/kaixindelele/ChatPaper.git) and install unvetted dependencies via a requirements file.
  • [COMMAND_EXECUTION]: Instructions include executing multiple shell commands for repository cloning, environment setup, and running Python scripts that interact with web APIs and local files.
  • [PROMPT_INJECTION]: The skill facilitates processing untrusted data from external sources (arXiv), creating a surface for indirect prompt injection.
  • Ingestion points: Academic paper text retrieved dynamically from the arXiv API based on search queries.
  • Boundary markers: None explicitly defined in the guide to differentiate between paper content and agent instructions.
  • Capability inventory: The skill uses a Python script (chat_paper.py) capable of making network requests and writing files to the local system (--save_path).
  • Sanitization: No evidence of input validation or content sanitization to prevent malicious instructions embedded in papers from influencing LLM behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:16 PM
Security Audit — agent-trust-hub — chatpaper-guide