paper-review-skills

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation and use of the lattereview Python package. While this is an external third-party dependency from PyPI, its usage is transparently documented as the primary focus of the latte-review-guide skill for automating literature reviews.
  • [COMMAND_EXECUTION]: The scientify-write-review-paper skill utilizes standard shell commands (cat, ls) to manage workspace project states and verify directory structures within the user's environment. These operations are restricted to project-specific paths (~/.openclaw/workspace/).
  • [PROMPT_INJECTION]: The paper-reading-assistant and latte-review-guide skills are subject to indirect prompt injection risks due to the processing of untrusted external content.
      • Ingestion points: Text extraction from PDF manuscripts in paper-reading-assistant/SKILL.md and bulk data imports (CSV/PubMed) in latte-review-guide/SKILL.md.
      • Boundary markers: Prompt templates for summarization and critique lack explicit delimiters (e.g., XML tags or triple backticks) to isolate untrusted paper text from the agent's instructions.
      • Capability inventory: The skill does not possess high-privilege capabilities such as arbitrary network access or administrative shell execution, limiting the impact of any potential injection.
      • Sanitization: No sanitization or filtering of the extracted text is performed before interpolation into LLM prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 03:09 PM