zotero-obsidian-bridge
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE (flags: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8).
  - Ingestion points: Metadata, full text, and annotations are read from external Zotero items as specified in SKILL.md and references/WORKFLOW.md.
  - Boundary markers: The instructions do not define delimiters or protective prompts to isolate the ingested external content.
  - Capability inventory: The skill uses 'python3' to execute its internal validation script (references/WORKFLOW.md).
  - Sanitization: No explicit sanitization or filtering of the Zotero-sourced content is performed before processing.
- [COMMAND_EXECUTION]: The skill executes an internal Python script, 'scripts/verify_paper_notes.py', to perform schema and consistency checks on the generated paper notes in the Obsidian vault (references/WORKFLOW.md).
Audit Metadata