pdb-database
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill correctly implements access to the Protein Data Bank, a reputable and well-known scientific repository. No malicious patterns, obfuscation, or safety bypass attempts were detected.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of structural coordinate files (PDB/mmCIF) from the official RCSB servers at files.rcsb.org. These are standard data files used in bioinformatics and do not contain executable code.
- [COMMAND_EXECUTION]: The reference documentation includes a debugging example using the
subprocess.runmodule to executecurl. The example is implemented safely with a fixed argument list and a hardcoded URL to the official data API. - [PROMPT_INJECTION]: The skill features a potential surface for indirect prompt injection by processing external metadata (e.g., protein titles or descriptions) retrieved from the RCSB database. \n
- Ingestion points: Data is retrieved from the RCSB Data and Search APIs (data.rcsb.org). \n
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are included in the prompt examples when handling retrieved metadata. \n
- Capability inventory: The skill includes capabilities for writing to the local filesystem and executing shell commands (as documented in debugging tips). \n
- Sanitization: The provided examples demonstrate direct processing of retrieved fields without explicit sanitization, which is typical for scientific data handling but notes a surface for indirect injection.
Audit Metadata