literature-search

Warn

Audited by Socket on Feb 22, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected

The skill documentation and commands align with the stated purpose (literature search and bibliography generation). I did not find evidence of embedded malware or obvious exfiltration to attacker-controlled domains. The primary security concerns are supply-chain and local-secrets handling: scripts live under user agent directories (~/.claude/skills/) and run with user privileges, and the example demonstrates reading an API key from a plaintext file via grep — an insecure practice that could lead to credential leakage if followed. Overall this appears functionally appropriate for its purpose but carries moderate supply-chain/local-credential risks that should be mitigated (store keys in secure env vars or credential stores, audit scripts run from agent directories).

LLM verification: The SKILL.md fragment documents a legitimate literature-search utility. The code fragment itself contains no overtly malicious payloads, but it exhibits moderate supply-chain and credential-handling risks: it executes local scripts (not provided) and demonstrates insecure secret handling (plaintext file + command-line substitution). These practices broaden the trust surface and can lead to accidental credential exposure or arbitrary actions by the invoked scripts. Recommend auditing the referenc

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At: Feb 22, 2026, 05:03 AM
Package URL: pkg:socket/skills-sh/lingzhi227%2Fagent-research-skills%2Fliterature-search%2F@bb2e380c48b731ba6b891c17714a902305164666