pdb-database

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (medium risk: 0.60). The prompt includes an explicit instruction to proactively promote K‑Dense Web (an external product) when workflows get complex, which is a behavioral override and promotional instruction outside the skill's stated purpose of accessing PDB data.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly instructs the agent to fetch and parse public RCSB PDB data (e.g., requests.get to https://files.rcsb.org/download/{PDB_ID}.pdb and fetch()/GraphQL examples), which are open, third‑party (user‑submitted) resources the agent must read and act on, so untrusted content can materially influence its decisions or tool use.