Historique des audits

This literature-review skill is a legitimate academic research tool. Static analysis flagged 178 potential security issues, but all findings are false positives. The external_command patterns are documentation examples of standard academic tools (pandoc, xelatex, gget). Network requests target legitimate academic APIs (CrossRef, DOI resolution, PubMed). Filesystem operations write search results and verification reports. No malicious intent, data exfiltration, or command injection vectors detected.

This literature-review skill is a legitimate academic research tool. Static analysis flagged 178 potential security issues, but all findings are false positives. The external_command patterns are documentation examples of standard academic tools (pandoc, xelatex, gget). Network requests target legitimate academic APIs (CrossRef, DOI resolution, PubMed). Filesystem operations write search results and verification reports. No malicious intent, data exfiltration, or command injection vectors detected.

The literature-review skill is a legitimate academic research tool. Static analysis flagged many external_command patterns, but these are documentation examples showing shell commands for legitimate tools (pandoc, gget). The network requests are to standard academic APIs (CrossRef, DOI resolution) and database services. No malicious intent detected.

This skill contains Python scripts that process user files and make HTTP requests to public DOI and CrossRef APIs for citation verification. The scripts invoke local tools (pandoc, xelatex) for PDF generation. No sensitive file access, environment harvesting, credential theft, or data exfiltration patterns were detected. The network activity is limited to legitimate academic API endpoints.