nature-reader

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted research papers, which introduces a surface for indirect prompt injection.
      • Ingestion points: Workflow step 1 in SKILL.md identifies PDFs, DOIs, arXiv links, and publisher HTML as input sources.
      • Boundary markers: The skill employs a block ID system (e.g., S001) and page-level sectioning in SKILL.md, but lacks explicit delimiters to ignore instructions embedded in the paper text.
      • Capability inventory: File system writes for generating paper.md, source_map.json, and translation_notes.md in SKILL.md.
      • Sanitization: No sanitization or validation of the ingested paper content is mentioned in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The skill configuration references official API endpoints for established language model providers in SKILL.md, including DeepSeek (api.deepseek.com), Zhipu AI (open.bigmodel.cn), Alibaba Cloud (dashscope.aliyuncs.com), and Moonshot AI (api.moonshot.cn).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 12:42 PM