tooluniverse-binder-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection risk.
- Ingestion points: The skill retrieves and processes data from numerous external, untrusted sources including PubMed, BioRxiv, MedRxiv, ChEMBL, and PubChem (SKILL.md).
- Boundary markers: The skill lacks explicit boundary markers or instructions to the agent to ignore or isolate instructions that might be embedded within the retrieved scientific data.
- Capability inventory: The skill possesses file-writing capabilities (creating report.md and compounds.csv) and execution of various specialized computational tools across multiple phases of the workflow.
- Sanitization: No sanitization, validation, or escaping of content retrieved from external repositories is defined before the data is summarized or included in reports.
- [SAFE]: Credential Security. The skill correctly instructs the use of environment variables for the NVIDIA_API_KEY, avoiding hardcoded secrets within the skill body.
- [SAFE]: Trusted External Sources. The repositories and databases targeted (UniProt, RCSB PDB, ChEMBL, OpenTargets) are well-known, authoritative scientific services.
Audit Metadata