The Agent Skills Directory

Data Exposure & Exfiltration (LOW): The script scripts/reactome_query.py performs network requests using the requests library to reactome.org. While this is a legitimate bioinformatics service, the domain is not included in the trusted whitelist.
Unverifiable Dependencies (LOW): The SKILL.md documentation recommends the installation of reactome2py==3.0.0. Although it is a versioned package on PyPI, it is a third-party dependency from an external source not on the trusted list.
Indirect Prompt Injection (LOW): The skill ingests untrusted data from local files and processes it for API analysis. 1. Ingestion points: scripts/reactome_query.py reads user-specified gene list files in the command_analyze function. 2. Boundary markers: Absent; the script reads line-by-line and joins identifiers with newlines without delimiters or instructions to ignore embedded content. 3. Capability inventory: The script can perform network POST requests to an external API and write results to the local filesystem. 4. Sanitization: Absent; input strings are stripped but not validated or escaped before being sent to the external service.

reactome-database