cosmic-database
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill connects to cancer.sanger.ac.uk to download genomic datasets. While this is a legitimate scientific source, users should monitor network activity and ensure they have registered for the required access.
- [CREDENTIALS_UNSAFE] (LOW): Documentation demonstrates passing authentication credentials (email/password) as plaintext arguments to functions and CLI commands. Users should use environment variables or secret managers instead of literal strings to avoid logging sensitive info in command history.
- [COMMAND_EXECUTION] (LOW): The skill executes a local script 'scripts/download_cosmic.py'. Although the script content was not provided for analysis, its documented behavior is consistent with standard data retrieval practices.
Audit Metadata