Skills
skills/k-dense-ai/claude-scientific-skills/pyzotero/Gen Agent Trust Hub

pyzotero

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill utilizes the standard pyzotero library for its core functionality.\n
  • Evidence: Installation instructions for pyzotero and pyzotero[cli] are provided in SKILL.md and references/cli.md. This is the established library for Zotero API interaction.\n- [INDIRECT_PROMPT_INJECTION]: Potential for instructions to be embedded in bibliographic data retrieved from the Zotero API.\n
  • Ingestion points: Data such as titles, notes, and PDF full-text are fetched via zot.items(), zot.collection_items(), and zot.fulltext_item().\n
  • Boundary markers: The skill does not employ delimiters or explicit instructions to the agent to ignore potentially malicious content within the bibliographic data.\n
  • Capability inventory: The skill is granted Bash, Write, Edit, and Read capabilities, including file-system writes via zot.dump().\n
  • Sanitization: No sanitization or validation of data retrieved from the external Zotero API is implemented in the code samples.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 02:22 AM