uniprot-database
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure & Exfiltration (SAFE): The skill performs network requests to rest.uniprot.org, the official domain for UniProt services. While this domain is not on the pre-defined whitelist, the operations are essential to the primary purpose of the skill and no access to sensitive local files or credentials was detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The Python client depends on the standard requests library. No remote script execution (e.g., curl piped to bash) or dynamic code evaluation patterns are present.
- Indirect Prompt Injection (SAFE): The skill processes biological data from a curated external source. Evidence Chain: (1) Ingestion points: scripts/uniprot_client.py (via API responses); (2) Boundary markers: None; (3) Capability inventory: Network GET/POST requests; (4) Sanitization: None. Given the source is a reputable scientific database, the risk is negligible.
Audit Metadata