pm-search
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches literature metadata from the official NCBI E-utilities API at
eutils.ncbi.nlm.nih.gov. This is a well-known and trusted government service for scientific research. - [COMMAND_EXECUTION]: Uses browser automation tools to navigate the PubMed website and execute JavaScript for data extraction. The scripts are used to process JSON responses from the official API into a structured format for the user.
- [PROMPT_INJECTION]: The skill processes external data (article titles and metadata) from PubMed, which creates a surface for indirect prompt injection if an attacker were to intentionally publish literature with malicious content in its metadata. However, this is a risk inherent to all data-retrieval skills and is mitigated by the fact that the source is a curated scientific database.
- Ingestion points: Metadata results from
eutils.ncbi.nlm.nih.govprocessed inSKILL.md. - Boundary markers: None explicitly defined.
- Capability inventory: Browser navigation (
navigate_page) and script execution (evaluate_script). - Sanitization: Not explicitly implemented for the display text, though the data is handled as structured JSON from the API.
Audit Metadata