zotero-api
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides legitimate guidance and standard patterns for using the Zotero Web API for research organization.
- [SAFE]: Credential safety is maintained by using placeholders (e.g., YOUR_API_KEY) for sensitive authentication keys.
- [SAFE]: All network requests are directed to the official Zotero infrastructure (api.zotero.org).
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external bibliographic data, which creates a surface for indirect prompt injection.
  - Ingestion points: Data is retrieved from the Zotero user and group library endpoints (items and collections) into the agent's context as described in SKILL.md.
  - Boundary markers: Absent; the provided implementation examples do not use delimiters to wrap the retrieved bibliographic metadata.
  - Capability inventory: The skill patterns involve network read capabilities using the requests library and automated metadata processing.
  - Sanitization: No validation or sanitization logic is implemented to filter potential instructions from fields like abstracts or notes.
Audit Metadata