crossref-doi
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official Crossref API (api.crossref.org) for all operations. This is a well-known, trusted service for academic metadata.
- [SAFE]: No hardcoded credentials or sensitive data access patterns were found. The skill suggests using a 'mailto' parameter for rate limiting, which is an established, non-sensitive practice for this specific API.
- [SAFE]: The provided Python example and bash commands use standard libraries (urllib, curl, jq) and do not perform any risky remote code execution or unauthorized file system operations.
- [SAFE]: Data ingestion is limited to structured JSON metadata from a trusted source. The implementation guidelines correctly suggest sanitizing inputs (XML stripping) and using structured parsing, which mitigates indirect prompt injection risks.
Audit Metadata