NYC

reactome-database

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): Deceptive Metadata. The documentation claims to use 'Version 94, September 2025'. As this date is in the future, it is categorized as deceptive metadata which can be used to mislead users or automated systems about the skill's provenance and currency.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill installs the reactome2py package. While this is from a source not on the pre-approved trusted list (initially MEDIUM), the severity is downgraded as it is a core component for the skill's primary biological research purpose.
  • [DATA_EXFILTRATION] (SAFE): Network requests are directed to reactome.org. Although not on the whitelisted domains list (initially LOW), it is the primary API for the skill's function and is thus downgraded to SAFE.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
      • Ingestion points: The analyze command in scripts/reactome_query.py reads data from a local file specified via command-line arguments.
      • Boundary markers: Absent. The script lacks delimiters or instructions to prevent the agent from executing commands embedded within the data files.
      • Capability inventory: The helper script has capabilities to read local files, perform network POST requests, and write results back to local storage.
      • Sanitization: No sanitization or validation of the input file content is performed before transmission to the API.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:22 PM