The Agent Skills Directory

COMMAND_EXECUTION (LOW): The skill and its accompanying zotero_import.sh script frequently use python3 -c to parse JSON output from API calls. This involves dynamic execution of small, static Python snippets to process data.
REMOTE_CODE_EXECUTION (LOW): An automated scanner detected a curl | python3 pattern. Technical review shows that the code actually uses | python3 -c '...', which executes a predefined script string rather than the piped data. This minimizes the risk of executing untrusted payloads from the API.
DATA_EXFILTRATION (LOW): The skill manages the sensitive ZOTERO_API_KEY environment variable and transmits it to api.zotero.org. It also makes network requests to doi.org and api.crossref.org. These operations are consistent with the skill's primary purpose but constitute a potential data exposure surface.
INDIRECT_PROMPT_INJECTION (LOW): The skill ingests untrusted metadata from external DOI services.
Ingestion points: zotero_import.sh fetches BibTeX data from https://doi.org/.
Boundary markers: Absent; the fetched content is saved to temporary files and uploaded to the local Zotero instance without wrapping or delimiters.
Capability inventory: The script can perform network requests (curl), filesystem writes (mktemp), and local API commands.
Sanitization: No content validation or sanitization is performed on the BibTeX metadata before processing.

zotero