Audit History - citation-management

Audit version 4

Latest Low Risk

Jan 17, 2026, 06:19 AM

Legitimate academic citation management tool. Static analysis produced 1131 false positives by misinterpreting markdown code blocks as shell commands, list comprehensions as obfuscation, and documentation as network reconnaissance. Actual Python scripts make authorized API calls to public academic databases (CrossRef, PubMed, arXiv) for metadata retrieval.

15

Files scanned

8,548

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

🌐 Network access (3)

scripts/extract_metadata.py:108 scripts/search_pubmed.py:30 scripts/doi_to_bibtex.py:43

📁 Filesystem access (2)

scripts/extract_metadata.py:558 scripts/search_pubmed.py:389

🔑 Env variables (2)

scripts/extract_metadata.py:32 scripts/search_pubmed.py:28-29

Audit version 3

Low Risk

Jan 17, 2026, 06:19 AM

Legitimate academic citation management tool. Static analysis produced 1131 false positives by misinterpreting markdown code blocks as shell commands, list comprehensions as obfuscation, and documentation as network reconnaissance. Actual Python scripts make authorized API calls to public academic databases (CrossRef, PubMed, arXiv) for metadata retrieval.

15

Files scanned

8,548

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

🌐 Network access (3)

scripts/extract_metadata.py:108 scripts/search_pubmed.py:30 scripts/doi_to_bibtex.py:43

📁 Filesystem access (2)

scripts/extract_metadata.py:558 scripts/search_pubmed.py:389

🔑 Env variables (2)

scripts/extract_metadata.py:32 scripts/search_pubmed.py:28-29

Audit version 2

Low Risk

Jan 12, 2026, 04:38 PM

Legitimate academic citation management tool. Static scanner produced 1124 false positives by misinterpreting markdown code blocks as Ruby backticks, BibTeX citation keys as cryptographic keys, and documentation URLs as network endpoints. Actual Python scripts make legitimate API calls to public academic databases (CrossRef, PubMed, arXiv) and use standard environment variable patterns for optional API credentials.

14

Files scanned

8,213

Lines analyzed

4

findings

claude

Audited by

No security issues found

Risk Factors

⚡ Contains scripts (3)

scripts/search_pubmed.py:1-398 scripts/extract_metadata.py:1-50 scripts/format_bibtex.py:1-120

🌐 Network access (2)

scripts/search_pubmed.py:69-83 scripts/extract_metadata.py:98-120

📁 Filesystem access (2)

scripts/format_bibtex.py:37-42 scripts/search_pubmed.py:389-391

🔑 Env variables (1)

scripts/search_pubmed.py:28-29

Audit version 1

Low Risk

Jan 4, 2026, 04:52 PM

The skill includes six Python scripts that access scholarly databases (CrossRef, PubMed, arXiv, Google Scholar) and read/write user-provided BibTeX files. All network calls target legitimate academic APIs documented in the code. The scripts' behavior matches the stated purpose of citation management. No obfuscation, hidden execution paths, or credential theft patterns were detected. Two minor concerns involve HTTP usage for arXiv API and optional proxy configuration for scholarly library rate limiting.

16

Files scanned

8,534

Lines analyzed

6

findings

claude

Audited by

Low Risk Issues (2)

scripts/extract_metadata.py:223-230

arXiv API uses plain HTTP

The arXiv API endpoint uses HTTP: `url = 'http://export.arxiv.org/api/query'`. An attacker with network access could observe or modify metadata responses. The queried data is public scholarly metadata with no sensitive user data.

scripts/search_google_scholar.py:38-43

Optional free proxy for scholarly

Google Scholar search can optionally route traffic through free proxies: `pg.FreeProxies()` and `scholarly.use_proxy(pg)`. Proxy operators could observe search queries. This is explicitly optional, disabled by default, and documented in the script.

Risk Factors

⚡ Contains scripts (1)

scripts/doi_to_bibtex.py:1-10

🌐 Network access (1)

scripts/extract_metadata.py:108-112

📁 Filesystem access (1)

scripts/format_bibtex.py:37-39

🔑 Env variables (1)

scripts/search_pubmed.py:28-29