literature-search-biorxiv
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill interacts exclusively with the legitimate bioRxiv API at api.biorxiv.org for retrieving scientific metadata. The scripts follow best practices for network interaction and local data processing.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted paper titles and abstracts from an external repository. However, the risk is inherent to the skill's purpose and the data is not used in a way that allows command execution or unauthorized actions.
- Ingestion points: Untrusted metadata is fetched via api.biorxiv.org in scripts/search_by_dates.py and scripts/search_by_doi.py.
- Boundary markers: None present in the JSON output to the agent.
- Capability inventory: The skill tools only output text to stdout; they do not perform shell execution, network exfiltration of sensitive data, or unauthorized file writes.
- Sanitization: External data is properly encoded into JSON format before being presented to the agent.
Audit Metadata