chembl-database
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill utilizes the
chembl_webresource_clientandpandasPython packages. While these are widely used in the scientific community, they are external dependencies not included in the predefined trusted source list. - [DATA_EXFILTRATION] (INFO): The script performs network requests to the European Bioinformatics Institute (EBI) ChEMBL API (
ebi.ac.uk). This is the intended behavior for retrieving molecule and bioactivity data. - [Indirect Prompt Injection] (LOW): The skill ingests external data from the ChEMBL API (e.g., molecule synonyms, activity comments) which could theoretically contain malicious instructions.
- Ingestion points: API response handling in
scripts/example_queries.py. - Boundary markers: None present in the example scripts.
- Capability inventory: Read-only operations and data display; no file-writing or system command execution capabilities are present in the provided scripts.
- Sanitization: No explicit sanitization of API strings is performed before output.
Audit Metadata