Zotero
Pass
Audited by Gen Agent Trust Hub on Jun 10, 2026
Risk Level: SAFE
Capability flag: COMMAND_EXECUTION
Full Analysis
- Process Management: The skill utilizes system-level commands to restart the Zotero application, which is a functional requirement to ensure the local HTTP API is active after configuration changes.
- Configuration Modification: The utility manages Zotero's prefs.js file to enable the local API server and implements safety measures by creating timestamped backups before modifications.
- Local Data Handling: The skill interacts with the Zotero local API over the loopback interface, ensuring that bibliographic data and full-text content are processed locally and only upon request.
- File System Operations: The tool can update local bibliographic and document files to sync references and insert citations, with operations scoped to paths provided or confirmed by the user.
- Indirect Prompt Injection Surface: The skill ingests data from Zotero items (Ingestion: scripts/zotero.py) without using explicit boundary markers to separate untrusted item content from instructions. It also has the capability to write to local files and execute commands for process management (Capabilities: scripts/zotero.py). Library metadata is not sanitized before use; this is a typical consideration for library management workflows, since item titles, abstracts and notes are user- or publisher-supplied text.
Audit Metadata