kegg-database
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Findings: DATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The script initiates network connections to rest.kegg.jp. While this is the legitimate endpoint for the KEGG database, any external network activity carries a baseline risk of data exposure if used to transmit sensitive information.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill handles untrusted data from an external API.
  - Ingestion points: urllib.request.urlopen in all functions within scripts/kegg_api.py reads data from the KEGG REST API.
  - Boundary markers: None. The raw response is returned directly to the caller.
  - Capability inventory: No local write or execution capabilities are present in this script; it only performs GET requests.
  - Sanitization: None. Data is decoded as UTF-8 and returned.
- [URL_MANIPULATION] (LOW): Several functions (e.g., kegg_info, kegg_list, kegg_conv) interpolate user-provided strings directly into the URL path without sanitization or URL encoding. This could allow an attacker to perform path traversal (e.g., using ../) to access unintended endpoints on the rest.kegg.jp server.
Audit Metadata