tooluniverse-small-molecule-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user input (compound names, SMILES strings) and uses it to query external tools.
- Ingestion points: `compound_name` and `smiles` parameters in tool calls across all phases.
- Boundary markers: Absent; there are no explicit delimiters or warnings to ignore instructions embedded within the chemical data.
- Capability inventory: The skill can perform network operations via ChEMBL, PubChem, and ADMET-AI APIs, and generate search URLs for commercial vendors.
- Sanitization: No sanitization or validation of the input strings is described in the skill instructions.
- [EXTERNAL_DOWNLOADS]: The skill specifies a dependency on the `tooluniverse[ml]` Python package for advanced ADMET prediction features. This package aligns with the vendor's naming convention and the skill's primary scientific purpose.
Audit Metadata