pubmed-database
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Metadata Poisoning
- The 'skill-author' field in the metadata is set to 'K-Dense Inc.', which contradicts the recognized author context of 'sickn33'.
- [PROMPT_INJECTION]: Obfuscation
- The technical support email address is hidden using a reversed string: 'vog.hin.mln.ibcn@seitilitue' (decodes to 'eutilities@ncbi.nlm.nih.gov').
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points: The skill retrieves article IDs and abstracts from the external PubMed database (Capability 4).
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded content when processing retrieved abstracts.
- Capability inventory: The skill is designed for network operations via the 'requests' library.
- Sanitization: No sanitization, validation, or filtering of the retrieved third-party content is documented or implemented in the provided logic.
- [EXTERNAL_DOWNLOADS]: Well-Known Service Reference
- The skill programmatically fetches biomedical data from the official NCBI E-utilities API at 'ncbi.nlm.nih.gov'.
Audit Metadata