rhea-skill
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- Standard REST Client Implementation: The skill utilizes a generic Python-based REST client (
scripts/rest_request.py) to communicate with the Rhea database (rhea-db.org). The script includes strict parameter validation and type checking to ensure input conforms to expected formats. - Controlled Network Activity: Network requests are scoped to a well-known scientific database. The script handles response headers and content types appropriately, with built-in mechanisms for compacting data to prevent large output buffers.
- File System Usage: The script includes a feature to save raw responses to the local filesystem (defaulting to
/tmp/). While this involves file writing, it is gated by explicit configuration (save_raw) and uses sanitization for the default filenames based on the service name.
Audit Metadata