pubchem-database
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM EXTERNAL_DOWNLOADS DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The scripts rely on the `requests` and `pubchempy` libraries, which are external packages from PyPI and are not provided by trusted organizations or repositories.
- DATA_EXFILTRATION (LOW): The skill communicates with `pubchem.ncbi.nlm.nih.gov`. Although this is a legitimate scientific database, the domain is not on the trusted whitelist for network operations.
- PROMPT_INJECTION (MEDIUM): The skill exhibits an indirect prompt injection attack surface.
  (1) Ingestion points: Chemical data is retrieved from the PubChem REST API in both `scripts/bioactivity_query.py` and `scripts/compound_search.py`.
  (2) Boundary markers: The scripts do not use delimiters or instructions to ensure the agent ignores potentially malicious commands embedded in the chemical descriptions or metadata.
  (3) Capability inventory: The `download_structure` function in `scripts/compound_search.py` provides the ability to write data to the filesystem.
  (4) Sanitization: There is no evidence of data sanitization or structural validation for the content fetched from the external API.
Audit Metadata