literature-scout

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill interacts with well-known and reputable academic services including ArXiv and Semantic Scholar for their intended purposes.
  • [SAFE]: Network operations are transparently described and limited to standard API calls for academic literature retrieval.
  • [SAFE]: No hardcoded credentials or secrets were found; the skill correctly notes that Semantic Scholar can be used without an API key under certain rate limits.
  • [SAFE]: The skill does not execute external scripts, install untrusted packages, or perform unauthorized privilege escalation.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted content (paper abstracts and titles) from the internet. However, the risk is negligible as the agent's capabilities are limited to organizing research into markdown files.
      • Ingestion points: External academic API responses (titles, abstracts) and local file IMPLEMENTATION_PLAN.md.
      • Boundary markers: Absent for external data.
      • Capability inventory: Reading local files, writing to markdown files (literature_matrix.md), and performing network searches.
      • Sanitization: Absent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 04:18 PM