clinvar-database

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The file references/api_reference.md contains an installation instruction for Entrez Direct: sh -c "$(curl -fsSL ftp://ftp.ncbi.nlm.nih.gov/entrez/entrezdirect/install-edirect.sh)". This is a 'piped remote execution' pattern where a script is fetched from an external FTP server and executed immediately. While the host ncbi.nlm.nih.gov is a legitimate scientific institution, this method bypasses local security audits and hash verification.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill documentation extensively references external API endpoints at eutils.ncbi.nlm.nih.gov for data retrieval. These are considered trustworthy scientific sources, but the skill relies on these external resources for its core functionality.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection because it ingests unstructured data from external biological databases.
      • Ingestion points: ClinVar API responses (JSON and XML) from eutils.ncbi.nlm.nih.gov described in references/api_reference.md.
      • Boundary markers: None identified in the provided documentation or implementation examples.
      • Capability inventory: The skill provides instructions for executing shell commands (curl) and Python scripts (Biopython) that process this external data.
      • Sanitization: No input validation or sanitization logic is present in the examples to prevent malicious instructions embedded in genomic metadata from influencing agent behavior.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 05:56 PM