asta-skill
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and does not include any executable code, scripts, or package installations. It serves as a guide for an agent to interact with an external MCP server.
- [SAFE]: The skill references an official MCP endpoint hosted by the Allen Institute for Artificial Intelligence (allen.ai), a well-known scientific research organization. This resource is used for legitimate academic data retrieval.
- [SAFE]: Secret management follows security best practices by instructing the host to provide the 'ASTA_API_KEY' via environment variables rather than hardcoding credentials or requesting them in plain text.
- [SAFE]: The instructions include defensive measures against context window exhaustion, specifically advising the agent to avoid requesting large citation or reference fields that could overflow the model's memory.
Audit Metadata