drugbank-database
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The file 'references/data-access.md' contains code that uses 'pickle.load' and 'pickle.dump' to manage a local cache of parsed DrugBank data. Deserializing a pickle file is a known security risk: 'pickle.load' can execute arbitrary code embedded in the file, so an attacker who can modify the stored cache file can run code when it is loaded.
- [EXTERNAL_DOWNLOADS]: The skill provides procedures for downloading the DrugBank database and querying its JSON API via 'go.drugbank.com'. While these are the official domains for the service, users should be aware that the skill depends on these external network resources.
- [COMMAND_EXECUTION]: Installation instructions in 'SKILL.md' direct users to install multiple Python libraries, including 'drugbank-downloader', 'bioversions', 'rdkit', and 'networkx', which involves executing commands to fetch code from public package registries.
- [PROMPT_INJECTION]: The skill processes external, structured pharmaceutical data (XML/JSON) from the DrugBank database, which creates a surface for indirect prompt injection. (1) Ingestion points: Data is downloaded from go.drugbank.com and parsed locally. (2) Boundary markers: The provided parsing logic contains no explicit delimiters around the external content and no instructions to ignore commands embedded in it. (3) Capability inventory: The skill can perform network requests via 'requests' and write to the local file system using 'pandas' and 'pickle'. (4) Sanitization: The provided code shows no explicit sanitization or structural validation of the external content beyond basic XML/JSON parsing.
Audit Metadata