zotero-add

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides bash commands to execute a local Python script (add_to_zotero.py) that handles communication with the Zotero and arXiv APIs.
  • [DATA_EXPOSURE]: The skill retrieves a ZOTERO_API_KEY from environment variables or a local .env file. This is a legitimate requirement for authenticating with the Zotero service as intended.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes paper metadata such as titles and abstracts which may originate from external sources like arXiv.
  • Ingestion points: Metadata is passed to scripts/add_to_zotero.py via command-line arguments (--title, --abstract, --authors).
  • Boundary markers: No explicit delimiters or instructions are used to separate metadata from processing logic.
  • Capability inventory: The skill possesses network access (interacting with Zotero/arXiv) and filesystem write access (downloading and storing PDFs).
  • Sanitization: Metadata content is not sanitized or validated for embedded instructions before being passed to the Zotero client functions.
Audit Metadata
Analyzed: Mar 11, 2026, 05:16 AM