target-prioritization
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The orchestrate.py script manages a multi-step pipeline by executing several internal Python scripts (fetch_uniprot.py, fetch_opentargets.py, fetch_pubmed.py, fetch_local_de.py, and aggregate.py) via the subprocess module. These calls are performed using argument lists rather than shell strings, which is a safe practice that prevents shell injection.
- [EXTERNAL_DOWNLOADS]: The pipeline performs network requests to well-known and trusted scientific data services including UniProt (rest.uniprot.org), OpenTargets (api.platform.opentargets.org), and PubMed (eutils.ncbi.nlm.nih.gov) using the standard urllib library.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its data ingestion and processing workflow.
  1. Ingestion points: Gene symbols are read from user-provided input files in orchestrate.py, and biological data is parsed from local CSV files in fetch_local_de.py.
  2. Boundary markers: While the extracted data is structured into Markdown tables within the targets_report.md file, there are no explicit boundary markers or instructions telling the model to ignore potential malicious commands within the data cells.
  3. Capability inventory: The skill has the capability to read local files, execute internal scripts, and access specific scientific network domains.
  4. Sanitization: Input strings are stripped of whitespace, but no further sanitization or validation of the content within the ingested biological files is performed before it is presented to the LLM for rationale generation.
Audit Metadata