dbsnp-database
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill's behavior aligns with its stated purpose of genomic data retrieval.
- [CREDENTIALS_UNSAFE]: The skill follows secure credential management practices. It instructs the user to store the
NCBI_API_KEYin a.envfile and provides a bash command to do so securely without leaking the key into the agent's conversation history. It further instructs the agent never to read or print the contents of the.envfile. - [EXTERNAL_DOWNLOADS]: The skill makes network requests to official NCBI domains (
api.ncbi.nlm.nih.govandeutils.ncbi.nlm.nih.gov). These are well-known, authoritative sources for biological data and are considered safe. - [COMMAND_EXECUTION]: The skill uses a local Python wrapper script to handle API interactions. The shell commands provided in the documentation use proper quoting (e.g., wrapping HGVS strings in single quotes) to prevent command injection or shell expansion errors.
Audit Metadata