pubmed-linker
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data exfiltration behaviors were detected. The skill's logic is consistent with its stated purpose of medical literature management.
- [NO_CODE]: The skill contains no executable code, scripts, or binaries; it consists entirely of markdown-based instructions for tool usage.
- [EXTERNAL_DOWNLOADS]: The skill references tools that download content from well-known scientific domains including pubmed.ncbi.nlm.nih.gov and doi.org, which are considered trusted sources for academic research.
- [PROMPT_INJECTION]: This skill possesses an indirect prompt injection surface (Category 8) as it processes external literature data. Ingestion points: PubMed search results and paper metadata. Boundary markers: Absent from instructions. Capability inventory: Network requests (via PubMed tools) and file modification for reference updates. Sanitization: The skill implements internal verification logic, requiring a >80% match for title and consistent metadata before updating records.
Audit Metadata