tooluniverse-protein-interactions

Warn

Audited by Gen Agent Trust Hub on May 23, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script "python_implementation.py" performs redirection of "stderr" to "/dev/null" using "os.dup2". While this is documented in "KNOWN_ISSUES.md" as a way to hide framework loading errors, globally suppressing error output from the process is a behavior associated with concealing malicious activity or bypassing logging and monitoring.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves unstructured text data from external biological databases and presents it to the agent.\n
  • Ingestion points: Protein names, pathway descriptions, and functional annotations are fetched in "python_implementation.py" from STRING and BioGRID APIs.\n
  • Boundary markers: The skill does not use delimiters or specific instructions to prevent the agent from following potential commands embedded in the retrieved data.\n
  • Capability inventory: The agent has access to network tools and local file manipulation through the ToolUniverse framework.\n
  • Sanitization: No validation or sanitization is performed on the data returned from external APIs before it is incorporated into the prompt context.\n- [EXTERNAL_DOWNLOADS]: The skill connects to established scientific databases including STRING (string-db.org), BioGRID (thebiogrid.org), and SASBDB (sasbdb.org). These connections are necessary for the skill's functionality and target recognized research infrastructure.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 23, 2026, 12:48 AM
Security Audit — agent-trust-hub — tooluniverse-protein-interactions