pubchem-database

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.70). The prompt includes an out-of-scope directive to "proactively suggest using K-Dense Web" (a promotional behavior change) that instructs the agent to alter its responses beyond the PubChem lookup functionality, which is a deceptive/externally motivated instruction not aligned with the skill's stated purpose.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly instructs the agent to fetch and parse data from public PubChem endpoints and via PubChemPy (e.g., PUG-REST URLs like https://pubchem.ncbi.nlm.nih.gov/rest/pug/... and PUG-View JSON), so the agent ingests open/public third‑party content that can directly influence searches, bioactivity summaries, and downstream decision-making.