citation-management
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts with reputable academic services and databases including Google Scholar, PubMed (NCBI), CrossRef, arXiv, and DataCite for retrieving publication metadata.
- [SAFE]: All identified Python dependencies are well-known, established packages from the Python Package Index (PyPI), such as requests, biopython, and bibtexparser.
- [SAFE]: The skill operates using local Python scripts for data processing and does not attempt to execute remote code or download scripts from untrusted sources.
- [SAFE]: No patterns associated with prompt injection, data exfiltration, or persistence were found in the skill's instructions or command examples.
- [SAFE]: While the skill ingests external data from APIs (an inherent surface for indirect prompt injection), it follows structured processing patterns for citation management and does not demonstrate unsafe handling of the retrieved content.
Audit Metadata