Skills
skills/wpsnote/wpsnote-skills/paper-researcher/Gen Agent Trust Hub

paper-researcher

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill fetches academic papers and metadata from well-known services including arXiv.org and OpenAlex.org. It also utilizes standard Python libraries from official registries for data processing.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for processing untrusted external content extracted from research papers. • Ingestion points: Paper titles, abstracts, and full-text content are ingested through the paper.py script. • Boundary markers: No explicit delimiters or instructions to ignore embedded prompts are provided in the workflow. • Capability inventory: The skill can execute shell commands via wpsnote-cli and perform file system operations. • Sanitization: Text content from external papers is processed without explicit sanitization.
  • [COMMAND_EXECUTION]: Uses the vendor-provided wpsnote-cli tool to manage and store research summaries within the user's WPS Notes environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 04:00 AM