pubchem-database
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill performs network requests to PubChem's API (pubchem.ncbi.nlm.nih.gov). This is the intended purpose of the skill and no sensitive local data is accessed or transmitted.
- [Indirect Prompt Injection] (LOW):
  - Ingestion points: Data is ingested from the external PubChem API in scripts/bioactivity_query.py and scripts/compound_search.py.
  - Boundary markers: Absent. No delimiters or instructions are used to separate API data from agent logic.
  - Capability inventory: Includes network requests and file writing (pcp.download).
  - Sanitization: No sanitization is performed on external data before it is processed by the agent.
- [Command Execution] (LOW): The download_structure function in scripts/compound_search.py can write files to the local disk. This functional capability could be exploited for path traversal if provided with a malicious filename.
Audit Metadata