tooluniverse-target-research
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill retrieves and processes information from multiple external sources including PubMed, Open Targets, and other biological databases. This ingestion of external, untrusted content presents a surface where malicious instructions hidden in scientific text could potentially manipulate the agent's summary or analysis.
  - Ingestion points: Data is pulled from external APIs like PubMed (abstracts), Open Targets, and Pharos.
  - Boundary markers: The report structure uses markdown headers and tables, but lacks explicit 'ignore instructions' delimiters for the fetched content.
  - Capability inventory: The agent can write files and execute tool calls to external services.
  - Sanitization: No explicit sanitization or escaping of external text content is required before processing.
Audit Metadata