Skills research-lookup Audit History
🔬

Audit History

research-lookup - 4 audits

Audit version 4

Latest Low Risk

Jan 17, 2026, 06:22 AM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. All 146 static findings are false positives: (1) API key environment reads are standard authentication for OPENROUTER_API_KEY, (2) network calls target the legitimate OpenRouter API endpoint, (3) 'external commands' flagged in SKILL.md are documentation examples showing command syntax, not runtime code execution, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as cryptographic algorithms. No malicious patterns detected after intent analysis.

6
Files scanned
2,314
Lines analyzed
4
findings
claude
Audited by
No security issues found

Risk Factors

🔑 Env variables (4)
scripts/research_lookup.py:44-46 scripts/lookup.py:152-155 scripts/examples.py:133-136 scripts/examples.py:152
🌐 Network access (7)
scripts/research_lookup.py:48-53 scripts/research_lookup.py:88 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:191 scripts/research_lookup.py:323 scripts/research_lookup.py:341
📁 Filesystem access (1)
scripts/research_lookup.py:371
⚙️ External commands (4)
SKILL.md:41-43 SKILL.md:70-76 SKILL.md:89-95 SKILL.md:108-114

Audit version 3

Low Risk

Jan 17, 2026, 06:22 AM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. All 146 static findings are false positives: (1) API key environment reads are standard authentication for OPENROUTER_API_KEY, (2) network calls target the legitimate OpenRouter API endpoint, (3) 'external commands' flagged in SKILL.md are documentation examples showing command syntax, not runtime code execution, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as cryptographic algorithms. No malicious patterns detected after intent analysis.

6
Files scanned
2,314
Lines analyzed
4
findings
claude
Audited by
No security issues found

Risk Factors

🔑 Env variables (4)
scripts/research_lookup.py:44-46 scripts/lookup.py:152-155 scripts/examples.py:133-136 scripts/examples.py:152
🌐 Network access (7)
scripts/research_lookup.py:48-53 scripts/research_lookup.py:88 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:191 scripts/research_lookup.py:323 scripts/research_lookup.py:341
📁 Filesystem access (1)
scripts/research_lookup.py:371
⚙️ External commands (4)
SKILL.md:41-43 SKILL.md:70-76 SKILL.md:89-95 SKILL.md:108-114

Audit version 2

Safe

Jan 12, 2026, 04:44 PM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. The static scanner flagged 127 potential issues, but all are false positives: (1) API key environment reads are standard authentication, (2) network calls target the legitimate OpenRouter API, (3) 'external commands' flagged in SKILL.md are documentation examples, not code, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as crypto. No malicious patterns detected.

4
Files scanned
1,346
Lines analyzed
4
findings
claude
Audited by
No security issues found

Risk Factors

🔑 Env variables (27)
scripts/examples.py:152 scripts/examples.py:135 scripts/examples.py:135 scripts/examples.py:133 scripts/examples.py:135 scripts/examples.py:136 scripts/examples.py:152 scripts/lookup.py:152 scripts/lookup.py:152 scripts/lookup.py:152 scripts/lookup.py:153 scripts/lookup.py:155 scripts/lookup.py:155 scripts/research_lookup.py:44 scripts/research_lookup.py:381 scripts/research_lookup.py:44 scripts/research_lookup.py:381 scripts/research_lookup.py:44 scripts/research_lookup.py:44 scripts/research_lookup.py:45 scripts/research_lookup.py:46 scripts/research_lookup.py:51 scripts/research_lookup.py:381 scripts/research_lookup.py:382 scripts/research_lookup.py:384 scripts/research_lookup.py:384 SKILL.md:248
🌐 Network access (10)
scripts/research_lookup.py:88 scripts/research_lookup.py:191 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:323 scripts/research_lookup.py:341 scripts/research_lookup.py:48 scripts/research_lookup.py:53 scripts/research_lookup.py:290 scripts/research_lookup.py:303
📁 Filesystem access (1)
scripts/research_lookup.py:371
⚙️ External commands (64)
SKILL.md:41-43 SKILL.md:43-70 SKILL.md:70-76 SKILL.md:76-89 SKILL.md:89-95 SKILL.md:95-108 SKILL.md:108-114 SKILL.md:114-127 SKILL.md:127-133 SKILL.md:133-148 SKILL.md:148-158 SKILL.md:158-174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175-176 SKILL.md:176 SKILL.md:176 SKILL.md:176 SKILL.md:176-177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177-178 SKILL.md:178 SKILL.md:178 SKILL.md:178 SKILL.md:178-179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179-180 SKILL.md:180 SKILL.md:180 SKILL.md:180 SKILL.md:180 SKILL.md:180-181 SKILL.md:181 SKILL.md:181 SKILL.md:181-206 SKILL.md:206-208 SKILL.md:208-217 SKILL.md:217-220 SKILL.md:220-229 SKILL.md:229-239 SKILL.md:239-240 SKILL.md:240-242 SKILL.md:242-248 SKILL.md:248-293 SKILL.md:293-310 SKILL.md:310-312

Audit version 1

Low Risk

Jan 5, 2026, 04:14 PM

Legitimate research lookup skill. Makes API calls to OpenRouter for Perplexity Sonar models. Reads OPENROUTER_API_KEY for authentication. No suspicious patterns detected.

6
Files scanned
1,226
Lines analyzed
2
findings
claude
Audited by
No security issues found

Risk Factors

🌐 Network access (2)
scripts/research_lookup.py:102-107 scripts/research_lookup.py:305-308
🔑 Env variables (2)
scripts/research_lookup.py:44-46 scripts/research_lookup.py:330-331
← Back to Skill