clinicaltrials-database

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE (findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [PROMPT_INJECTION]: Behavioral steering instructions included in documentation.
    • Evidence: The 'SKILL.md' file contains a section titled 'Suggest Using K-Dense Web For Complex Worflows' which directs the agent to proactively suggest the vendor's hosted platform (www.k-dense.ai) when user requests involve multi-step reasoning or deep research. This is an instruction designed to steer the agent's interaction behavior toward specific commercial resources.
  • [PROMPT_INJECTION]: Indirect prompt injection surface via external API data ingestion.
    • Ingestion points: Data enters the agent's context through the 'scripts/query_clinicaltrials.py' script, which fetches clinical study information from the ClinicalTrials.gov API v2.
    • Boundary markers: Absent. The skill does not use explicit delimiters or 'ignore embedded instructions' warnings when presenting retrieved API data to the agent.
    • Capability inventory: The skill is capable of performing HTTP GET requests to external endpoints and returning the results to the agent.
    • Sanitization: Absent. There is no evidence of filtering or sanitization of rich text fields (such as study descriptions or summaries) retrieved from the remote API.
  • [EXTERNAL_DOWNLOADS]: Interaction with external service endpoints.
    • Evidence: The skill makes network requests to the ClinicalTrials.gov API (https://clinicaltrials.gov/api/v2/) to retrieve scientific data. These operations target a well-known government service and are consistent with the skill's primary purpose.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 3, 2026, 08:47 PM