skills/kthorn/research-superpower/Building Paper Screening Rubrics/Snyk

Building Paper Screening Rubrics

Warn

Audited by Snyk on Mar 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and ingest abstracts from PubMed using NCBI E-utilities (e.g., curl "https://eutils.ncbi.nlm.nih.gov/...") and to read and score those public abstracts as part of its rubric/testing and bulk-screening workflow, so untrusted third-party content can materially influence decisions and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). The skill issues runtime curl calls to NCBI Entrez (https://eutils.ncbi.nlm.nih.gov/entrez/eutils/esearch.fcgi and https://eutils.ncbi.nlm.nih.gov/entrez/eutils/efetch.fcgi) to fetch abstracts which are injected into the agent's context and used to drive prompts and scoring, so external content directly controls agent behavior.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 13, 2026, 02:27 AM

Issues

2