gget-genomic-databases

Warn

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The cosmic module asks for user credentials (email and password) as plaintext function arguments. Similarly, the gpt module requires an OpenAI API key. This approach can lead to credentials being exposed in code repositories or command history.
  • [EXTERNAL_DOWNLOADS]: The skill automates the retrieval of large datasets and reference genomes from trusted scientific organizations such as Ensembl and the Sanger Institute.
  • [COMMAND_EXECUTION]: Workflow examples demonstrate the use of the Python subprocess module to execute external bioinformatics tools like kb-python, which represents a vector for arbitrary command execution.
  • [DATA_EXFILTRATION]: Through the gpt module, research data and genomic sequences may be transmitted to the OpenAI platform.
  • [REMOTE_CODE_EXECUTION]: The setup commands for modules like alphafold and cellxgene download and install external binaries and Python packages, executing installation scripts from remote sources.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 16, 2026, 02:32 AM