PubMed-Search
Fail
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Recommends installation of the 'uv' package manager using a shell script fetched from the astral.sh official domain.
- [PROMPT_INJECTION]: Processes untrusted literature metadata from the PubMed API to generate analysis prompts.
- Ingestion points: Article metadata (titles, abstracts) entering via pubmed_search.py.
- Boundary markers: Absent in the analysis prompt template in pubmed_search.py.
- Capability inventory: Network operations via the requests library and file system write operations for PDF and Markdown storage in pubmed_search.py.
- Sanitization: No escaping or validation of external article content before interpolation.
Recommendations
- HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
Audit Metadata