Skills
skills/thegovind/claude-scientific-skills/drugbank-database/Gen Agent Trust Hub

drugbank-database

Warn

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill documentation provides guidance on using the pickle module to store and load processed database results.
  • Evidence: In references/data-access.md, a code snippet demonstrates loading cached data using pickle.load(), which is an unsafe deserialization pattern for local files.
  • [EXTERNAL_DOWNLOADS]: The skill fetches pharmaceutical datasets from a well-known service.
  • Evidence: The skill utilizes the drugbank-downloader package to retrieve database XML files from the official DrugBank service at go.drugbank.com.
  • [COMMAND_EXECUTION]: Provides instructions for system environment setup and dependency installation.
  • Evidence: SKILL.md contains a shell script block for installing several Python libraries, such as rdkit and networkx, using the uv pip install command.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 29, 2026, 02:24 AM