Skills
skills/cookjohn/cnki-skills/cnki-advanced-search/Gen Agent Trust Hub

cnki-advanced-search

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes mcp__chrome-devtools__evaluate_script to run custom JavaScript within the browser context. This code directly manipulates the DOM of the CNKI website to set form values (keywords, authors, dates) and trigger the search submission.
  • [PROMPT_INJECTION]: The skill defines a template for search automation where the agent is instructed to replace placeholders like "KEYWORDS" and "CSSCI" with data parsed from the natural language $ARGUMENTS.
  • Ingestion points: Search criteria provided in $ARGUMENTS (SKILL.md).
  • Boundary markers: Absent. The skill does not provide delimiters or instructions to escape special characters during interpolation.
  • Capability inventory: Full DOM access and script execution capabilities within the target domain via evaluate_script (SKILL.md).
  • Sanitization: Absent. There is no logic provided to sanitize or validate the user input before it is inserted into the JavaScript string, creating a surface for indirect script injection if the agent naively interpolates malicious content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 04:57 PM