Skills
skills/openai/plugins/civic-skill/Gen Agent Trust Hub

civic-skill

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [Service Interaction]: The skill connects to the official CIViC database API at https://civicdb.org/api/graphql. This is an established public resource for clinical interpretation of cancer variants, and the connection is used strictly to retrieve research data.
  • [Dependency Management]: The script uses the standard requests library for network operations. It includes graceful error handling if the package is missing, which is a good practice for portable scripts.
  • [Data Handling and Truncation]: To ensure efficient processing and prevent very large responses from overwhelming the agent, the script implements an internal _compact function. This function limits the depth and size of the JSON data returned to the agent.
  • [File System Interaction]: The skill can optionally save raw GraphQL responses to a local file (e.g., in /tmp/). This is a common pattern for debugging or local record-keeping and requires explicit configuration by the user via the save_raw parameter.
  • [Input Validation]: The script includes robust validation for all input fields, including query, variables, and timeout_sec. It ensures that user-provided values meet expected types and constraints before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 03:27 PM