fetch-pubmed-recent

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt explicitly instructs including an NCBI API key as "&api_key=..." when present in the environment, which requires the agent to embed a secret value verbatim into outgoing requests/commands (an exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). Outsider-authored free text is ingested at runtime from PubMed’s public records: the skill fetches abstracts via NCBI E-utilities efetch.fcgi?rettype=abstract (fallback) or via the PubMed MCP get_article_metadata/abstract fields (preferred), and those abstracts are authored by third parties.