pytdc
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
uv pip install PyTDCto set up the environment. This is a standard installation procedure for the Therapeutics Data Commons library which is a common tool in the drug discovery domain.\n- [EXTERNAL_DOWNLOADS]: The skill fetches curated drug discovery datasets from the official Therapeutics Data Commons servers and associated GitHub repositories. These are well-known scientific resources from reputable academic organizations.\n- [PROMPT_INJECTION]: The skill processes external biomedical data which serves as a surface for indirect prompt injection.\n - Ingestion points: Data enters the agent context through dataset loading tasks such as ADME, Toxicity (Tox), and Drug-Target Interaction (DTI) defined in SKILL.md and the scripts folder.\n
- Boundary markers: The instructions do not employ specific delimiters or warnings to ignore embedded content during the ingestion of external molecular data.\n
- Capability inventory: All capabilities are focused on data analysis, including processing via pandas and numpy, and model evaluation through tdc.Evaluator. No arbitrary code execution or network exfiltration tools are identified in the data processing flow.\n
- Sanitization: The skill utilizes pre-curated datasets from the TDC platform and does not perform additional sanitization of the molecular SMILES strings or protein sequences before interpolation.
Audit Metadata