nsf-award-api-guide

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches research grant information from official government endpoints at api.nsf.gov and research.gov.
  • [PROMPT_INJECTION]: The skill demonstrates processing of external award data (titles and abstracts) which represents an indirect prompt injection surface. Evidence Chain:
    1. Ingestion points: Data enters via API responses from api.nsf.gov.
    2. Boundary markers: No delimiters are used to wrap the ingested content in the provided code examples.
    3. Capability inventory: No dangerous system-level capabilities (like file writes or secondary network calls) are performed using the ingested data.
    4. Sanitization: No sanitization is implemented for the external text.
  • [COMMAND_EXECUTION]: Uses standard shell commands like curl and python3 -m json.tool for data retrieval and formatting purposes.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 04:35 AM