drugbank-database

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION] (MEDIUM): Unsafe deserialization of cache files. The 'Data Caching Strategy' section in 'references/data-access.md' uses pickle.load() to read data from drugbank_parsed.pkl. Because unpickling untrusted data can execute arbitrary code, an attacker who can modify this local cache file can achieve arbitrary code execution when the skill loads the data.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Vulnerable XML parsing of external content. The skill instructions use xml.etree.ElementTree to parse downloaded DrugBank XML data. This standard library parser is vulnerable to XML External Entity (XXE) and billion laughs attacks, which poses a risk if the downloaded database file is compromised or maliciously crafted.
  • [EXTERNAL_DOWNLOADS] (LOW): Third-party package dependencies. The skill requires the installation of multiple external Python packages, such as drugbank-downloader and bioversions. While these are standard for the task, they expand the attack surface for supply chain compromise.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 07:39 AM