nsfc-bib-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to bypass safety filters or override agent behavior were detected. The rules focus on technical constraints for BibTeX management.
- Data Exposure & Exfiltration (SAFE): While the skill interacts with local bibliography and LaTeX files, there are no patterns suggesting unauthorized data exfiltration or access to sensitive system files like credentials or SSH keys.
- Unverifiable Dependencies (SAFE): The skill references 'MCP' (Model Context Protocol) for metadata retrieval, which is a standard mechanism for AI tools. No suspicious remote scripts or unauthorized package installations were found.
- Indirect Prompt Injection (LOW): The skill retrieves metadata from external sources (internet via MCP). While this creates an ingestion point for untrusted data, the skill's specific purpose is to verify this data (DOI, Journal name), which reduces the risk of accidental instruction execution. No evidence of malicious exploitation was found.
- Command Execution (SAFE): No arbitrary shell commands, privilege escalation, or persistence mechanisms were detected in the provided files.
Audit Metadata