tooluniverse-protein-interactions
Warn
Audited by Gen Agent Trust Hub on May 23, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script "python_implementation.py" performs redirection of "stderr" to "/dev/null" using "os.dup2". While this is documented in "KNOWN_ISSUES.md" as a way to hide framework loading errors, globally suppressing error output from the process is a behavior associated with concealing malicious activity or bypassing logging and monitoring.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves unstructured text data from external biological databases and presents it to the agent.\n
- Ingestion points: Protein names, pathway descriptions, and functional annotations are fetched in "python_implementation.py" from STRING and BioGRID APIs.\n
- Boundary markers: The skill does not use delimiters or specific instructions to prevent the agent from following potential commands embedded in the retrieved data.\n
- Capability inventory: The agent has access to network tools and local file manipulation through the ToolUniverse framework.\n
- Sanitization: No validation or sanitization is performed on the data returned from external APIs before it is incorporated into the prompt context.\n- [EXTERNAL_DOWNLOADS]: The skill connects to established scientific databases including STRING (string-db.org), BioGRID (thebiogrid.org), and SASBDB (sasbdb.org). These connections are necessary for the skill's functionality and target recognized research infrastructure.
Audit Metadata