citation-management

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill interacts with well-known and official academic APIs, including api.crossref.org, eutils.ncbi.nlm.nih.gov, and export.arxiv.org, to retrieve paper metadata. These connections are integral to the skill's primary function and target well-known scientific services.
  • [COMMAND_EXECUTION]: Python scripts are provided to automate BibTeX formatting and academic searches. These scripts perform standard data processing and API requests without any evidence of dangerous shell command injection or privilege escalation.
  • [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were found. Network activity is limited to retrieving metadata from established scientific repositories, and the skill correctly advises users to manage API credentials through environment variables rather than hardcoding them.
  • [SAFE]: The skill demonstrates security-conscious behavior, such as implementing rate limiting for API requests and requiring user confirmation before performing potentially destructive edits to local BibTeX files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 05:55 PM
Security Audit — agent-trust-hub — citation-management