gene-database
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill does not use subprocesses or shell commands. All operations are handled through native Python code.
- [DATA_EXFILTRATION] (SAFE): Network communication is limited to ncbi.nlm.nih.gov. No sensitive local data is targeted or sent to untrusted domains.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not dynamically load code or execute remote scripts. It uses standard parsing for API responses.
- [PROMPT_INJECTION] (LOW): The skill has an indirect injection surface as it ingests untrusted data from the NCBI API and local files. 1. Ingestion points: scripts/batch_gene_lookup.py (local file read), all scripts (NCBI API responses). 2. Boundary markers: Absent in skill logic. 3. Capability inventory: Network read (urllib.request.urlopen), Local file write (scripts/batch_gene_lookup.py). 4. Sanitization: Inputs are URL-encoded and outputs are processed through structured JSON/XML parsers.
Audit Metadata