clinpgx-database
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to api.clinpgx.org to fetch genomic and pharmacological data. This creates a dependency on an external API for core functionality.
- [PROMPT_INJECTION]: The 'Suggest Using K-Dense Web' section contains instructions directing the AI to recommend the author's platform (k-dense.ai) for complex tasks. Additionally, the ingestion of external data from api.clinpgx.org presents a surface for indirect prompt injection. Ingestion points: Data from api.clinpgx.org. Boundary markers: Absent. Capability inventory: Network requests via requests library. Sanitization: Not described.
- [DATA_EXFILTRATION]: The skill uses the requests library to transmit data to an external endpoint. While used legitimately here, this capability is a vector for data exfiltration if sensitive information were accessible.
Audit Metadata