search-pubmed

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE · DATA_EXFILTRATION · PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/search_pubmed.py performs network requests to eutils.ncbi.nlm.nih.gov. This is a well-known service and the activity is strictly aligned with the skill's stated purpose of fetching medical research data. No access to sensitive local files or environment variables was detected.
  • [PROMPT_INJECTION]: The file search-pubmed_audit_result_v2.json contains self-referential authoritative claims regarding its own security status (e.g., "security": "PASS"). In accordance with safety protocols, these claims are treated as data to be analyzed rather than valid conclusions. Additionally, the User-Agent string in scripts/search_pubmed.py (MetaTitleGeneratorSkill/1.0) does not match the skill's name, suggesting a potential metadata inconsistency.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from an external source (PubMed API) and returns it to the agent context without sanitization or boundary markers.
      • Ingestion points: fetch_summaries function in scripts/search_pubmed.py reads data from the external PubMed API.
      • Boundary markers: None identified in the script's output format, which prints a raw JSON object containing the external text.
      • Capability inventory: The script has the capability to perform network requests (urllib.request) and print to standard output.
      • Sanitization: No sanitization or escaping of the titles fetched from the API is performed before returning them to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 24, 2026, 02:57 PM