bioservices
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the 'bioservices' Python package from standard package registries.
- [COMMAND_EXECUTION]: The provided scripts perform filesystem operations to manage biological data:
- 'batch_id_converter.py', 'compound_cross_reference.py', and 'pathway_analysis.py' execute file writes to save analysis results in CSV and SIF formats.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data retrieved from external bioinformatics web services and local user-provided files.
- Ingestion points: External data enters the agent's context through API responses in 'protein_analysis_workflow.py' (UniProt, NCBI, KEGG) and 'compound_cross_reference.py' (KEGG, ChEMBL), as well as through local input files in 'batch_id_converter.py'.
- Boundary markers: The skill does not implement delimiters or specific instructions to separate external data from agent commands.
- Capability inventory: All Python scripts in the 'scripts/' directory perform network operations to scientific databases and/or conduct local file system writes.
- Sanitization: There is no evidence of sanitization or filtering of the retrieved biological data to remove potential instructions before it is presented to the agent.
Audit Metadata