The Agent Skills Directory

[SAFE]: The skill is a standard scientific research SDK authored by a recognized academic institution (Harvard University's Zitnik Lab). It provides programmatic access to well-known scientific databases and tools such as UniProt, ChEMBL, and PubMed.
[DATA_EXPOSURE]: The skill requires several API keys (OpenAI, NCBI, USPTO) for full functionality. However, it follows security best practices by instructing users to manage these via environment variables or .env files rather than hardcoding them.
[EXTERNAL_DOWNLOADS]: The skill installs the tooluniverse Python package and its variants from official registries. These resources are owned by the vendor 'mims-harvard' and are considered legitimate vendor resources.
[PROMPT_INJECTION]: The skill includes instructions to the agent regarding language handling (translating inputs to English). These are functional guidelines for proper tool use and do not constitute malicious injection.
[INDIRECT_PROMPT_INJECTION]: The skill possesses an inherent attack surface for indirect prompt injection because it retrieves and processes unstructured data from external scientific sources (PubMed titles, database entries).
Ingestion points: Data enters the context via tools like UniProt_get_entry_by_accession, PubMed_search_articles, and OpenTargets API calls.
Boundary markers: The provided documentation does not explicitly show the use of delimiters or 'ignore' warnings for the external data in the code snippets.
Capability inventory: The SDK can perform network operations (API calls) and has a FileSaveHook for local file writes in the REFERENCE.md documentation.
Sanitization: Explicit sanitization or validation of the retrieved scientific content before it is processed by the LLM is not detailed in the skill's instructions.

tooluniverse-sdk