sustainability-fulltext-fetch
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests untrusted text from external research websites and academic APIs. \n
- Ingestion points: Webpage HTML and API JSON content processed in 'scripts/fulltext_fetch.py'.\n
- Boundary markers: None present; content is stored directly in the database as cleaned text.\n
- Capability inventory: No dangerous commands (e.g., eval, subprocess) are executed on the ingested data within this skill's logic.\n
- Sanitization: Content is cleaned for whitespace and formatting, but does not include instruction filtering.\n- [EXTERNAL_DOWNLOADS]: The skill retrieves article metadata and full-text content from external academic APIs (OpenAlex, Semantic Scholar) and research websites. These operations are core to the skill's functionality and are implemented with safety measures like timeouts and response size limits.\n- [SAFE]: The script manages local SQLite databases for metadata and content storage using configurable paths and proper SQL parameterization, preventing common injection vulnerabilities.
Audit Metadata