clinvar-database

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [Remote Code Execution] (HIGH): The file references/api_reference.md instructs the user to install a tool with sh -c "$(curl -fsSL ...)", which downloads a shell script from a remote FTP server and hands it straight to a shell. Nothing is inspected, pinned or verified before execution, so the host runs whatever the server, or anyone able to alter the transfer, returns. The source is a government institution (NCBI), but it is not one of the explicitly defined trusted organizations, and the download-and-execute pattern is unsafe regardless of who hosts the script.
  • [Indirect Prompt Injection] (LOW): The skill ingests external clinical variant data from the NCBI API and passes it to the agent.
  • Ingestion points: REST API responses from eutils.ncbi.nlm.nih.gov.
  • Boundary markers: Absent; the documentation does not suggest using delimiters to separate data from instructions.
  • Capability inventory: The skill uses curl and Python's Biopython library to fetch and process data, and it includes instructions for shell-based tool installation.
  • Sanitization: None mentioned; retrieved API data is handed on without input validation or sanitization, so a response could carry content crafted to steer the downstream agent.
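The following is an added example, not code from the clinvar-database skill or from NCBI. It shows the flagged sh -c "$(curl -fsSL ...)" pattern replaced with a download, verify, then run flow: the script lands in a file first, its SHA-256 is compared against a digest pinned out of band (the URL and digest are operator-supplied placeholders), and only a match is executed. Because integrity comes from the pinned digest rather than from the transport, the check works the same whether the script is served over FTP or HTTPS. The demo_local function is a constructed offline check with a sample installer so the logic can be exercised without network access.

```shell
#!/bin/sh
# Added example, not code from the clinvar-database skill or from NCBI.
# Replaces the pattern flagged in the audit,
#     sh -c "$(curl -fsSL URL)"
# with download -> verify pinned SHA-256 -> run. URL and EXPECTED_SHA256
# are placeholders the operator supplies.
set -eu

# sha256_of FILE: print the hex SHA-256 of FILE (coreutils or macOS shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_and_run SCRIPT EXPECTED_SHA256
# Executes SCRIPT only if its digest equals EXPECTED_SHA256 (pinned out of
# band, e.g. from the tool's release notes). On mismatch it runs nothing
# and returns 1, so a swapped or tampered download is refused.
verify_and_run() {
    script="$1"
    expected="$2"
    actual="$(sha256_of "$script")"
    if [ "$actual" != "$expected" ]; then
        printf 'refusing to run %s: expected %s, got %s\n' \
            "$script" "$expected" "$actual" >&2
        return 1
    fi
    sh "$script"
}

# fetch_verify_run URL EXPECTED_SHA256
# Drop-in replacement for the flagged command: the download goes to a
# temp file, so no shell sees the content before it has been verified.
fetch_verify_run() {
    url="$1"
    expected="$2"
    tmp="$(mktemp)"
    curl -fsSL -o "$tmp" "$url"
    rc=0
    verify_and_run "$tmp" "$expected" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# demo_local: constructed offline check, no network. Writes a sample
# installer, pins its real digest, and confirms that the correct digest
# runs it while a wrong digest is refused. Returns 0 when both hold.
demo_local() {
    dir="$(mktemp -d)"
    printf '#!/bin/sh\necho "installer ran"\n' > "$dir/install.sh"
    good="$(sha256_of "$dir/install.sh")"
    bad="0000000000000000000000000000000000000000000000000000000000000000"
    ok=1
    verify_and_run "$dir/install.sh" "$good" >/dev/null || ok=0
    if verify_and_run "$dir/install.sh" "$bad" 2>/dev/null; then ok=0; fi
    rm -rf "$dir"
    [ "$ok" -eq 1 ]
}
```

In practice the operator would call fetch_verify_run with the installer URL from references/api_reference.md and a digest obtained from a second channel; if the publisher offers no digest or signature, the fallback is to download to a file, read it, and run it by hand rather than piping it into a shell.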
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:21 PM