Historial de auditorías - drugbank-database

Versión de auditoría 4

Más reciente Seguro

Jan 17, 2026, 06:51 AM

This is a legitimate scientific skill for accessing the DrugBank bioinformatics database. All 353 static findings are FALSE POSITIVES caused by the analyzer misinterpreting Markdown code block syntax and bioinformatics terminology. The skill uses the official drugbank-downloader package for authenticated access to a recognized public database. No actual security risks were identified after manual evaluation.

8

Archivos escaneados

2,964

Líneas analizadas

4

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (3)

SKILL.md:21-24 references/data-access.md:14-17 references/chemical-analysis.md:17-47

🌐 Acceso a red (2)

references/data-access.md:148 references/chemical-analysis.md:23

📁 Acceso al sistema de archivos (2)

references/data-access.md:20 scripts/drugbank_helper.py:188-189

🔑 Variables de entorno (1)

references/data-access.md:14-16

Versión de auditoría 3

Seguro

Jan 17, 2026, 06:51 AM

This is a legitimate scientific skill for accessing the DrugBank bioinformatics database. All 353 static findings are FALSE POSITIVES caused by the analyzer misinterpreting Markdown code block syntax and bioinformatics terminology. The skill uses the official drugbank-downloader package for authenticated access to a recognized public database. No actual security risks were identified after manual evaluation.

8

Archivos escaneados

2,964

Líneas analizadas

4

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (3)

SKILL.md:21-24 references/data-access.md:14-17 references/chemical-analysis.md:17-47

🌐 Acceso a red (2)

references/data-access.md:148 references/chemical-analysis.md:23

📁 Acceso al sistema de archivos (2)

references/data-access.md:20 scripts/drugbank_helper.py:188-189

🔑 Variables de entorno (1)

references/data-access.md:14-16

Versión de auditoría 2

Seguro

Jan 12, 2026, 04:28 PM

This is a legitimate scientific skill for accessing the DrugBank bioinformatics database. All 342 static findings are FALSE POSITIVES caused by the analyzer misinterpreting Markdown code block syntax and bioinformatics terminology. The skill uses the official drugbank-downloader package for authenticated access to a recognized public database.

7

Archivos escaneados

2,707

Líneas analizadas

3

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (1)

references/chemical-analysis.md:17-47

🌐 Acceso a red (1)

references/chemical-analysis.md:23

📁 Acceso al sistema de archivos (1)

references/data-access.md:20

Versión de auditoría 1

Riesgo bajo

Jan 4, 2026, 05:15 PM

The skill is documentation and a local XML helper script. It includes example API calls and local caching paths, which introduce limited network and filesystem exposure when used. The helper script only parses XML data with no network calls, command execution, or credential theft.

10

Archivos escaneados

2,960

Líneas analizadas

5

hallazgos

claude

Auditado por

Problemas de riesgo bajo (2)

references/data-access.md:144-152

API requests transmit data to DrugBank

Documentation includes REST API examples: `url = f"https://go.drugbank.com/drugs/{drug_id}.json"` and `response = requests.get(url, headers=headers)`. This sends API credentials over the network when using the DrugBank API.

references/data-access.md:124-129 references/data-access.md:177-189

Cache writes to user home directory

Examples write cached data in user home: `drugbank_dir = Path.home() / '.data' / 'drugbank'` and `with open(cache_file, 'wb') as f:`. This writes outside the skill directory for data caching.

Factores de riesgo

⚡ Contiene scripts (1)

scripts/drugbank_helper.py:1-351

🌐 Acceso a red (1)

references/data-access.md:142-159

📁 Acceso al sistema de archivos (2)

references/data-access.md:119-130 references/data-access.md:169-190