bgpt-paper-search

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions include the use of npx mcp-remote and npx bgpt-mcp. These commands download and execute packages directly from the npm registry at runtime.
  • [COMMAND_EXECUTION]: The skill identifies Bash as an allowed tool to facilitate the execution of npm commands for setup and server interaction.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from an external scientific database.
      • Ingestion points: The search_papers tool retrieves experimental data, methods, and conclusions from the remote endpoint at https://bgpt.pro/mcp/sse.
      • Boundary markers: There are no specified delimiters or instructions to treat the retrieved content as untrusted data.
      • Capability inventory: The skill environment allows the use of Bash, which could be targeted by instructions embedded in the paper data.
      • Sanitization: The instructions do not describe any validation or sanitization of the remote paper data before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 28, 2026, 03:41 PM