bgpt-paper-search

Warn

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions direct users to run the bgpt-mcp and mcp-remote packages from the public npm registry via npx.
  • [EXTERNAL_DOWNLOADS]: The skill connects to a remote Server-Sent Events (SSE) endpoint at https://bgpt.pro/mcp/sse to provide its functionality.
  • [REMOTE_CODE_EXECUTION]: The configuration involves using npx to execute remote code from unverified third-party packages.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection:
      • Ingestion points: The search_papers tool retrieves structured data and text from an external database of scientific studies.
      • Boundary markers: There are no boundary markers or instructions provided to the agent to treat the retrieved paper content as untrusted or to ignore embedded instructions.
      • Capability inventory: The skill is configured to allow the agent access to the Bash tool, which could be exploited if malicious content in a retrieved paper influences the agent's actions.
      • Sanitization: No evidence of sanitization, filtering, or validation of the retrieved paper data is provided in the skill instructions.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 16, 2026, 10:49 PM