pdb-database
Fail
Audited by Snyk on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (medium risk: 0.60). The prompt includes an explicit instruction to proactively promote K‑Dense Web (an external product) when workflows get complex, which is a behavioral override and promotional instruction outside the skill's stated purpose of accessing PDB data.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill directly downloads and parses public, user-submitted PDB data and metadata from RCSB endpoints (e.g., https://files.rcsb.org/download/{PDB_ID}.pdb and https://data.rcsb.org/ REST/GraphQL APIs), so the agent ingests untrusted third‑party content as part of its workflow.