pm-paper-detail

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes mcp__chrome-devtools__evaluate_script to run browser-based JavaScript for parsing XML metadata returned from the NCBI API.
  • [DYNAMIC_EXECUTION]: JavaScript code is constructed at runtime by interpolating the user-provided PMID into a script template, representing a potential but low-risk vector for code injection if the agent does not validate the input.
  • [EXTERNAL_DOWNLOADS]: The skill connects to eutils.ncbi.nlm.nih.gov to fetch structured research data. This targets a well-known, official government service.
  • [INDIRECT_PROMPT_INJECTION]:
      • Ingestion points: Fetches external titles and abstracts from PubMed (SKILL.md, Step 2).
      • Boundary markers: No delimiters or instructions are included to prevent the agent from being influenced by instructions embedded in the retrieved scientific abstracts.
      • Capability inventory: The agent has access to navigate_page and evaluate_script tools.
      • Sanitization: No validation or sanitization is performed on the retrieved paper metadata before presentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 9, 2026, 01:49 PM