Skills
skills/allenai/asta-plugins/Asta Literature Search/Gen Agent Trust Hub

Asta Literature Search

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the asta-plugins package directly from the author's official GitHub repository (github.com/allenai/asta-plugins.git) using the uv tool manager. This download is a vendor-provided resource necessary for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute asta CLI commands for literature discovery, citation retrieval, and document management. It also employs jq for structured processing of search results.
  • [DATA_EXPOSURE]: The skill processes external content from academic databases which presents a surface for indirect prompt injection.
  • Ingestion points: Paper abstracts, snippets, and citation contexts retrieved via the asta CLI from external academic sources (SKILL.md).
  • Boundary markers: None explicitly defined in the prompt instructions to the agent.
  • Capability inventory: Subprocess execution via Bash (asta, jq) and file system operations (mkdir, mv).
  • Sanitization: The skill uses jq to extract specific fields from the JSON response, which provides basic structural validation, but no explicit content sanitization is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 12:04 AM