Skills
skills/google-deepmind/science-skills/human-protein-atlas-database/Gen Agent Trust Hub

human-protein-atlas-database

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches protein data from proteinatlas.org and v25.proteinatlas.org. These are established and reputable scientific domains.
  • [COMMAND_EXECUTION]: Executes a local Python script scripts/hpa_cli.py to handle data retrieval and structured JSON output.
  • [PROMPT_INJECTION]: The skill was analyzed for indirect prompt injection surface as it ingests data from external sources. 1. Ingestion points: Data retrieved from HPA API endpoints (JSON and XML). 2. Boundary markers: No explicit delimiters are used for the external content. 3. Capability inventory: The skill has file system write access via the --output argument and network access to HPA domains. 4. Sanitization: The script uses urllib.parse.urlencode for parameters and standard library JSON/XML parsers for response processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 06:51 PM
Security Audit — agent-trust-hub — human-protein-atlas-database