literature-research
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves academic data from trusted and well-known repositories.
- Evidence: scripts/literature_deep_review.py and scripts/pubmed_literature_search.py fetch research metadata and abstracts from NCBI E-utilities (eutils.ncbi.nlm.nih.gov) and ClinicalTrials.gov. Additionally, scripts/literature_deep_review.py downloads full-text XML from PubMed Central (PMC) and checks the Unpaywall API (api.unpaywall.org) for free article versions.
- [PROMPT_INJECTION]: The skill ingests untrusted text content from external research databases, creating an attack surface for indirect prompt injection if the resulting data is analyzed by an LLM.
- Ingestion points: Research titles, abstracts, and full texts are fetched from external APIs in scripts/pubmed_literature_search.py and scripts/literature_deep_review.py.
- Boundary markers: Absent; article content is retrieved and stored without specific delimiters or instructions to ignore embedded commands.
- Capability inventory: The scripts are restricted to network GET requests to academic APIs and local file writing within the .tmp/ directory. No capabilities for code execution or system-level changes are present.
- Sanitization: Content is parsed using standard XML and JSON libraries, but narrative text is not filtered for potential malicious instructions.
Audit Metadata