pride-database

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches proteomics datasets, project metadata, and file manifests from the PRIDE Archive REST API hosted by the European Bioinformatics Institute (EMBL-EBI). All remote references target this well-known scientific organization.
  • [COMMAND_EXECUTION]: Provides instructions to install standard, reputable Python packages from public registries: requests, pandas, and matplotlib.
  • [PROMPT_INJECTION]: The skill ingests untrusted data (project titles, descriptions, and metadata) from the PRIDE API. This data is processed and printed without explicit sanitization or boundary markers, creating a surface for indirect prompt injection. However, since the source is a highly regulated and reputable international research organization (EMBL-EBI), the practical risk is minimal.
      • Ingestion points: API response parsing in search_projects, get_project, get_peptides, and get_psms functions within SKILL.md.
      • Boundary markers: None present; data is interpolated directly into strings or DataFrames.
      • Capability inventory: Local file system writes are used for data exports (to_csv, savefig, open().write()) in various workflows within SKILL.md.
      • Sanitization: No explicit sanitization or validation of the retrieved text data is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 02:32 AM