polars-dovmed
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to
https://api.newlineages.comto search and retrieve scientific literature metadata and full-text snippets. This behavior is the primary function of the tool and is used to fetch research data. - [COMMAND_EXECUTION]: The helper script
scripts/query_literature.pyis executed to perform complex queries. It uses standard Python libraries and implements structured data handling. - [SAFE]: The skill provides clear instructions for secure API key management and emphasizes manual verification for critical metadata like publication years and DOIs.
- [SAFE]: Analysis of indirect prompt injection surface:
- Ingestion points: API responses from
api.newlineages.comcontaining paper titles, abstracts, and matched text snippets are processed by the agent. - Boundary markers: The script
query_literature.pyoutputs results in a structured JSON format, providing natural boundaries. - Capability inventory: The agent can execute the bundled Python script and make further network requests to the same API.
- Sanitization: No explicit sanitization of the retrieved scientific text is performed before it is added to the agent's context.
Audit Metadata