nature-academic-search
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with established academic service providers, including PubMed (NCBI), CrossRef, arXiv, and OpenAlex. These network operations are necessary for the skill's primary function and target well-known, trusted domains.
- [COMMAND_EXECUTION]: An installation script (
install.sh) is provided to automate the setup of the MCP server. It performs standard administrative tasks such as installing dependencies via pip and updating configuration files in the local environment, which is appropriate for a deployment script. - [SAFE]: The use of dynamic module loading (
__import__) detected in the test suite is a legitimate coding pattern used for mocking and patching in a unit testing environment. - [SAFE]: No hardcoded credentials or unauthorized data exfiltration patterns were detected. Sensitive information such as API keys is managed through environment variables or local configuration files in accordance with security best practices.
Audit Metadata