Audit History - bioservices

Audit version 4

Latest Safe

Jan 17, 2026, 05:56 AM

All 521 static findings are false positives. Scanner misidentified markdown code block delimiters as shell commands, biological database identifiers as cryptographic algorithms, and legitimate API queries to bioinformatics databases as system reconnaissance. The skill is a legitimate scientific library interface.

9

Files scanned

4,227

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

⚙️ External commands (4)

SKILL.md:34 references/identifier_mapping.md:33 references/services_reference.md:12 references/workflow_patterns.md:25

🌐 Network access (1)

SKILL.md:356-357

📁 Filesystem access (2)

scripts/batch_id_converter.py:168 scripts/pathway_analysis.py:114

Audit version 3

Safe

Jan 17, 2026, 05:56 AM

All 521 static findings are false positives. Scanner misidentified markdown code block delimiters as shell commands, biological database identifiers as cryptographic algorithms, and legitimate API queries to bioinformatics databases as system reconnaissance. The skill is a legitimate scientific library interface.

9

Files scanned

4,227

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

⚙️ External commands (4)

SKILL.md:34 references/identifier_mapping.md:33 references/services_reference.md:12 references/workflow_patterns.md:25

🌐 Network access (1)

SKILL.md:356-357

📁 Filesystem access (2)

scripts/batch_id_converter.py:168 scripts/pathway_analysis.py:114

Audit version 2

Safe

Jan 12, 2026, 04:23 PM

All 511 static findings are false positives. Scanner incorrectly flagged markdown code block delimiters as shell commands, biological database identifiers as cryptographic algorithms, and standard file operations as reconnaissance. The skill is a legitimate bioinformatics library interface with expected network access to biological databases.

8

Files scanned

3,942

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

⚙️ External commands (4)

SKILL.md:34 references/identifier_mapping.md:33 references/services_reference.md:12 references/workflow_patterns.md:25

🌐 Network access (1)

SKILL.md:356-357

📁 Filesystem access (2)

scripts/batch_id_converter.py:168 scripts/pathway_analysis.py:114

Audit version 1

Medium Risk

Jan 4, 2026, 04:44 PM

Legitimate bioinformatics skill with 4 executable Python scripts that query public biological databases. Network calls target known bioinformatics services (UniProt, KEGG, ChEMBL, NCBI). Filesystem access is limited to user-specified input/output paths for analysis results. No environment access or external command execution.

11

Files scanned

4,349

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

⚡ Contains scripts (4)

scripts/compound_cross_reference.py:1-379 scripts/protein_analysis_workflow.py:1-409 scripts/pathway_analysis.py:1-310 scripts/batch_id_converter.py:1-348

🌐 Network access (4)

scripts/compound_cross_reference.py:32-37 scripts/protein_analysis_workflow.py:35-51 scripts/pathway_analysis.py:38-39 scripts/batch_id_converter.py:102-117

📁 Filesystem access (3)

scripts/batch_id_converter.py:82-84 scripts/pathway_analysis.py:114-145 scripts/compound_cross_reference.py:284-310