nature-downloader

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill manages institutional access configuration (such as portal URLs and SSO domains) by storing them in a local configuration file at ~/.config/lit-dl/school.json. This is standard behavior for managing user preferences and does not involve exfiltration of system secrets.
  • [COMMAND_EXECUTION]: The test suite (tests/python/test_config_wizard.py) utilizes subprocess.run and importlib to validate the CLI tool's behavior and module reloading. These operations are part of standard development and testing practices.
  • [EXTERNAL_DOWNLOADS]: The skill fetches academic PDFs and metadata from well-known scholarly platforms including Web of Science, ScienceDirect, and arXiv. These operations are essential to the skill's primary function and target legitimate academic services.
  • [INDIRECT_PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection by extracting text from downloaded PDFs and scraping content from web pages. However, the skill implements these features as part of its core functionality (literature retrieval) and contains explicit instructions for the agent to maintain safety boundaries during these operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 07:08 AM
Security Audit — agent-trust-hub — nature-downloader