Skills
skills/google-deepmind/science-skills/clinical-trials-database/Snyk

clinical-trials-database

Warn

Audited by Snyk on May 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's CLI (scripts/clinical_trials_api.py) directly queries the public ClinicalTrials.gov API (BASE_URL = "https://clinicaltrials.gov/api/v2") via commands like search, get-study, get-eligibility and raw-query and ingests returned (rich-text) study records as part of normal workflow, so untrusted public content from ClinicalTrials.gov could influence subsequent interpretation or actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 19, 2026, 06:50 PM
Issues
1
Security Audit — snyk — clinical-trials-database