Habilidades ensembl-database Historial de auditorías
🧬

Historial de auditorías

ensembl-database - 4 auditorías

Versión de auditoría 4

Más reciente Seguro

Jan 17, 2026, 06:59 AM

All 177 static findings are false positives. The skill is a legitimate bioinformatics tool querying the Ensembl genome database (maintained by EMBL-EBI). Scanner misidentified GA4GH Beacon API endpoints as Cobalt Strike keywords, HTTP status codes as cryptographic algorithms, and markdown code fences as shell command execution. Network requests target public bioinformatics APIs with proper rate limiting.

5
Archivos escaneados
2,174
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (3)
scripts/ensembl_query.py:22 scripts/ensembl_query.py:50-85 SKILL.md:63
⚙️ Comandos externos (2)
SKILL.md:40-42 references/api_endpoints.md:5-7

Versión de auditoría 3

Seguro

Jan 17, 2026, 06:59 AM

All 177 static findings are false positives. The skill is a legitimate bioinformatics tool querying the Ensembl genome database (maintained by EMBL-EBI). Scanner misidentified GA4GH Beacon API endpoints as Cobalt Strike keywords, HTTP status codes as cryptographic algorithms, and markdown code fences as shell command execution. Network requests target public bioinformatics APIs with proper rate limiting.

5
Archivos escaneados
2,174
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (3)
scripts/ensembl_query.py:22 scripts/ensembl_query.py:50-85 SKILL.md:63
⚙️ Comandos externos (2)
SKILL.md:40-42 references/api_endpoints.md:5-7

Versión de auditoría 2

Seguro

Jan 12, 2026, 04:35 PM

This is a legitimate bioinformatics skill for querying the Ensembl genome database maintained by EMBL-EBI. All static findings are false positives. The scanner misidentified GA4GH beacon protocol endpoints as Cobalt Strike keywords, HTTP status code documentation as cryptographic algorithms, and Python code examples in documentation as shell command execution risks. The skill uses standard HTTP libraries to query public bioinformatics APIs with proper rate limiting and error handling.

3
Archivos escaneados
1,086
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (101)
references/api_endpoints.md:6 references/api_endpoints.md:7 references/api_endpoints.md:19 references/api_endpoints.md:27 references/api_endpoints.md:31 references/api_endpoints.md:35 references/api_endpoints.md:39 references/api_endpoints.md:39 references/api_endpoints.md:40 references/api_endpoints.md:44 references/api_endpoints.md:52 references/api_endpoints.md:56 references/api_endpoints.md:60 references/api_endpoints.md:72 references/api_endpoints.md:76 references/api_endpoints.md:80 references/api_endpoints.md:84 references/api_endpoints.md:95 references/api_endpoints.md:99 references/api_endpoints.md:107 references/api_endpoints.md:108 references/api_endpoints.md:113 references/api_endpoints.md:117 references/api_endpoints.md:118 references/api_endpoints.md:126 references/api_endpoints.md:130 references/api_endpoints.md:134 references/api_endpoints.md:138 references/api_endpoints.md:150 references/api_endpoints.md:154 references/api_endpoints.md:158 references/api_endpoints.md:162 references/api_endpoints.md:170 references/api_endpoints.md:171 references/api_endpoints.md:175 references/api_endpoints.md:176 references/api_endpoints.md:180 references/api_endpoints.md:188 references/api_endpoints.md:192 references/api_endpoints.md:196 references/api_endpoints.md:200 references/api_endpoints.md:208 references/api_endpoints.md:212 references/api_endpoints.md:220 references/api_endpoints.md:220 references/api_endpoints.md:221 references/api_endpoints.md:225 references/api_endpoints.md:229 references/api_endpoints.md:229 references/api_endpoints.md:230 references/api_endpoints.md:241 references/api_endpoints.md:250 references/api_endpoints.md:254 references/api_endpoints.md:258 references/api_endpoints.md:265 references/api_endpoints.md:276 references/api_endpoints.md:276 references/api_endpoints.md:277 references/api_endpoints.md:281 references/api_endpoints.md:285 references/api_endpoints.md:289 references/api_endpoints.md:310 references/api_endpoints.md:316 references/api_endpoints.md:317 references/api_endpoints.md:318 references/api_endpoints.md:343 SKILL.md:41-57 SKILL.md:57-60 SKILL.md:60-71 SKILL.md:71-84 SKILL.md:84-96 SKILL.md:96-109 SKILL.md:109-121 SKILL.md:121-134 SKILL.md:134-146 SKILL.md:146-159 SKILL.md:159-166 SKILL.md:166-172 SKILL.md:172 SKILL.md:172-175 SKILL.md:175-186 SKILL.md:186-195 SKILL.md:195-203 SKILL.md:203-228 SKILL.md:228-234 SKILL.md:234-236 SKILL.md:236-238 SKILL.md:238-242 SKILL.md:242-244 SKILL.md:244-246 SKILL.md:246-252 SKILL.md:252-256 SKILL.md:256-288 SKILL.md:288-294 SKILL.md:294-297 SKILL.md:297 SKILL.md:297-298 SKILL.md:298 SKILL.md:298-299 SKILL.md:299 SKILL.md:299-300
🌐 Acceso a red (34)
references/api_endpoints.md:6 references/api_endpoints.md:7 scripts/ensembl_query.py:50 scripts/ensembl_query.py:119 scripts/ensembl_query.py:134 scripts/ensembl_query.py:162 scripts/ensembl_query.py:189 scripts/ensembl_query.py:205 scripts/ensembl_query.py:223 scripts/ensembl_query.py:244 scripts/ensembl_query.py:265 scripts/ensembl_query.py:275 scripts/ensembl_query.py:289 scripts/ensembl_query.py:311 scripts/ensembl_query.py:36 scripts/ensembl_query.py:83 scripts/ensembl_query.py:85 scripts/ensembl_query.py:98 scripts/ensembl_query.py:159 scripts/ensembl_query.py:186 scripts/ensembl_query.py:22 scripts/ensembl_query.py:356 scripts/ensembl_query.py:358 SKILL.md:66 SKILL.md:212 SKILL.md:63 SKILL.md:172 SKILL.md:172 SKILL.md:208 SKILL.md:304 SKILL.md:305 SKILL.md:306 SKILL.md:307 SKILL.md:308

Versión de auditoría 1

Riesgo bajo

Jan 4, 2026, 05:16 PM

The skill includes a Python script that performs documented HTTP requests to the official Ensembl REST API. No credential harvesting, environment access, or filesystem traversal was found. Network calls are limited to rest.ensembl.org and grch37.rest.ensembl.org only.

6
Archivos escaneados
1,374
Líneas analizadas
4
hallazgos
claude
Auditado por
Problemas de riesgo bajo (2)
scripts/ensembl_query.py:83-86
HTTP requests to external Ensembl endpoints
The script issues outbound HTTP requests using requests library. Lines 83-86 show: "response = requests.post(url, headers=headers, json=data)" and "response = requests.get(url, headers=headers, params=params)". This is expected for API access but still allows query data to leave the machine.
scripts/ensembl_query.py:1
Executable Python CLI script present
The repository includes a runnable Python script with a shebang line at line 1: "#!/usr/bin/env python3". Executable scripts can be run by users but this is a standard CLI pattern for research tools.

Factores de riesgo

⚡ Contiene scripts (1)
scripts/ensembl_query.py:1-10
🌐 Acceso a red (1)
scripts/ensembl_query.py:83-86
← Volver a Skill