uniprot-database
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADS
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The script
scripts/uniprot_client.pyutilizes therequestslibrary to communicate withrest.uniprot.org. While this domain is not included in the trusted whitelist, it is the official endpoint for the UniProt database required for the skill's functionality. - [Indirect Prompt Injection] (LOW): The skill processes biological data and annotations from an external source, which represents a potential injection surface. Evidence Chain: 1. Ingestion points:
scripts/uniprot_client.py(fetching protein records via HTTP). 2. Boundary markers: Absent. 3. Capability inventory: Restricted to read/display via standard output; no file-system writing, arbitrary command execution, or evaluation capabilities are present. 4. Sanitization: Absent. The limited capability tier reduces the severity of this risk.
Audit Metadata