Building Paper Screening Rubrics
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches scientific paper metadata and abstracts from the National Center for Biotechnology Information (NCBI) PubMed E-utilities API. This is a well-known and trusted government-hosted repository for scientific literature.
- [PROMPT_INJECTION]: The skill processes untrusted abstract text from external sources, which introduces a surface for indirect prompt injection attacks.
  - Ingestion points: Paper abstracts are downloaded from the PubMed API via curl commands and stored locally in abstracts-cache.json (SKILL.md).
  - Boundary markers: There are no explicit boundary markers or instructions to the model to disregard potential commands hidden within the abstract text.
  - Capability inventory: The skill performs keyword matching and scoring logic, and it has the ability to write classification results to local JSON files (papers-reviewed.json, test-set.json).
  - Sanitization: The skill does not perform sanitization, escaping, or validation of the retrieved abstract content before processing.