bib-search-citation

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and associated scripts do not contain any prompt injection attempts or commands designed to bypass agent safety filters.
  • [SAFE]: Data processing is performed locally on BibTeX files using standard Python libraries, with no identified network exfiltration or unauthorized file access beyond the specified bibliography files.
  • [SAFE]: The search engine in search_bib.py uses shlex.split for parsing query tokens, which is a secure method for handling user-supplied string arguments without risk of command injection.
  • [SAFE]: Static analysis findings for dynamic imports and subprocess calls are localized to the test suite (tests/test_bib_search.py) for integration testing purposes and do not impact the security of the core search modules.
  • [SAFE]: The skill operates without external dependencies, significantly reducing the surface area for supply chain attacks or unverifiable package execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 26, 2026, 11:09 AM
Security Audit — agent-trust-hub — bib-search-citation