bioservices
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). BioServices explicitly fetches and parses public third-party data from open web services (e.g., UniProt via UniProt.search()/retrieve(), KEGG via k.get()/lookfor_pathway(), NCBIblast.run(), PSICQUIC.query(), etc.) which the agent reads and interprets at runtime, exposing it to untrusted external content.
Audit Metadata