Literature Review Automator (文献综述自动器)
Pass
Audited by VirusTotal on May 14, 2026.
Findings (1)
The skill is a legitimate tool for academic literature review, fetching data from Semantic Scholar, arXiv, and CrossRef. However, it is classified as suspicious due to several security vulnerabilities. Specifically, the LLM API endpoint (llm_api_base) is user-configurable in 'main.py' and 'config.json', which could allow for the exfiltration of the 'llm_api_key' if redirected to a malicious server. Additionally, the tool is vulnerable to indirect prompt injection because it fetches untrusted paper abstracts from external APIs and incorporates them directly into LLM prompts within 'main.py' without sanitization. No evidence of intentional malice or data exfiltration to unauthorized domains was found.
