open-targets-search

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUM (PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill fetches drug-disease association data and 'content' from an external API (api.valyu.ai). This content is untrusted and could contain instructions designed to manipulate the agent's behavior when it processes the search results.
      • Ingestion points: Search results returned by scripts/search and scripts/search.mjs (specifically the content field).
      • Boundary markers: Absent. The documentation does not define delimiters to wrap the untrusted API content or instructions for the agent to ignore embedded commands.
      • Capability inventory: The skill executes local bash/Node.js scripts and performs network operations.
      • Sanitization: Absent. There is no evidence of filtering or escaping logic for the external data before it enters the agent context.
  • [Data Exposure & Exfiltration] (LOW): The skill performs network requests to api.valyu.ai using the Node.js fetch API. While this is the intended functionality, the domain is not on the trusted whitelist, creating a data channel to a third-party service.
  • [Command Execution] (LOW): The skill relies on executing a local wrapper script (scripts/search). The instructions suggest using a complex find command to resolve the script path in the user's home directory, which is a standard but notable local execution pattern.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 15, 2026, 09:46 PM