sci-search

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs network operations to retrieve paper metadata from well-known academic services, including export.arxiv.org, api.clarivate.com (Web of Science), and eutils.ncbi.nlm.nih.gov (PubMed). These requests are limited to the user's search query and do not transmit sensitive local data.
  • [COMMAND_EXECUTION]: The tool executes the sci_search.py script to manage search requests, process results, and handle library persistence. This is standard behavior for an agent skill of this type.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes and displays data from external academic sources.
      • Ingestion points: External data is fetched from the arXiv, PubMed, and Web of Science APIs in sci_search.py.
      • Boundary markers: While search results are structured using Markdown headers and bullet points, the skill does not provide explicit instructions for the agent to ignore instructions embedded within the paper metadata.
      • Capability inventory: The skill writes to a local library.json file for caching and supports writing search reports to user-specified file paths.
      • Sanitization: Content such as paper titles and abstracts is used directly without specific sanitization against prompt injection attacks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 03:07 PM