ncbi-datasets-skill
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [Input Validation]: The script uses a strict parsing logic for its JSON input. It validates types for all fields (strings, integers, booleans, and objects) and enforces constraints like non-empty strings and positive integers, which helps prevent malformed data from causing unexpected behavior.
- [Scoped Network Operations]: The skill restricts its network operations to a hardcoded base URL (https://api.ncbi.nlm.nih.gov/datasets/v2). This significantly reduces the risk of data exfiltration or unauthorized external communication by ensuring requests are only sent to the official NCBI service.
- [File System Interaction]: The skill includes a save_raw feature that allows users to write API responses to the local file system. While writing to the file system is a sensitive operation, this implementation is safe as it is used for the intended purpose of data storage, uses a default temporary directory (/tmp/), and does not execute the content it writes.
- [Secure Content Handling]: To prevent context window saturation or potential injection from large API responses, the skill implements truncation logic (_compact and text_head). This ensures that only relevant, manageable portions of the data are returned to the agent context by default.
Audit Metadata