gs-cited-by
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts exclusively with Google Scholar (scholar.google.com), which is a well-known service for academic research. References to this domain are for the intended purpose of the skill and pose no security risk.
- [COMMAND_EXECUTION]: Browser-based automation is performed using the mcp__chrome-devtools__navigate_page and evaluate_script tools. The JavaScript logic in SKILL.md is dedicated to parsing scholarly information (titles, authors, and citation IDs) from the page's HTML structure and handling CAPTCHA detection.
- [DATA_EXFILTRATION]: No sensitive local files, environment variables, or hardcoded credentials are accessed. The data collected consists of publicly available academic metadata intended for the user.
- [PROMPT_INJECTION]: The skill processes untrusted data from paper titles and snippets during extraction. While this represents a standard indirect prompt injection surface, there are no instructions within the skill that attempt to bypass core safety protocols.
- Ingestion points: DOM elements processed by evaluate_script in SKILL.md.
- Boundary markers: Absent in the reporting template.
- Capability inventory: Page navigation and script execution via chrome-devtools MCP.
- Sanitization: None; data is reported as extracted from the browser context.
Audit Metadata