pubmed-database
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements robust secret management practices by instructing the agent to store API keys in a local `.env` file and providing users with secure shell commands to populate it without leaking keys into the agent's context or conversation history.
- [EXTERNAL_DOWNLOADS]: The skill retrieves data from official, well-known, and trusted scientific repositories managed by the National Center for Biotechnology Information (NCBI) and the National Institutes of Health (NIH), specifically `eutils.ncbi.nlm.nih.gov` and `www.ncbi.nlm.nih.gov`.
- [PROMPT_INJECTION]: The skill possesses an inherent surface for indirect prompt injection as its core purpose is to ingest and process untrusted external data from scientific papers.
  - Ingestion points: Abstracts and full-text articles retrieved from PubMed and PMC via the `scripts/pubmed_api.py` script.
  - Boundary markers: Absent; the skill does not specify the use of delimiters or 'ignore instructions' warnings when processing retrieved literature content.
  - Capability inventory: The agent can execute the provided CLI script, perform network operations to NCBI domains, and write output to the file system.
  - Sanitization: No specific sanitization or filtering logic is present to inspect fetched text for embedded instructions.
Audit Metadata