Audit History
cosmic-database - 4 audits
Audit version 4
Latest SafeJan 17, 2026, 06:32 AM
All 121 static findings are false positives. The analyzer misidentified markdown code fences (```) as shell backticks, documentation URLs as network threats, and fabricated cryptographic patterns. This is a legitimate Sanger Institute bioinformatics tool. The Python script only makes authenticated HTTPS requests to download cancer genomics data from the official COSMIC database.
Low Risk Issues (3)
Risk Factors
🌐 Network access (1)
📁 Filesystem access (1)
Audit version 3
SafeJan 17, 2026, 06:32 AM
All 121 static findings are false positives. The analyzer misidentified markdown code fences (```) as shell backticks, documentation URLs as network threats, and fabricated cryptographic patterns. This is a legitimate Sanger Institute bioinformatics tool. The Python script only makes authenticated HTTPS requests to download cancer genomics data from the official COSMIC database.
Low Risk Issues (3)
Risk Factors
🌐 Network access (1)
📁 Filesystem access (1)
Audit version 2
SafeJan 12, 2026, 05:03 PM
The skill is a legitimate bioinformatics tool for accessing the COSMIC cancer database. Static analysis flagged many false positives from documentation examples. The actual code only makes authenticated API requests to COSMIC and downloads cancer research data files.
Low Risk Issues (3)
Risk Factors
🌐 Network access (1)
📁 Filesystem access (1)
Audit version 1
Low RiskJan 4, 2026, 05:02 PM
The skill performs authenticated HTTPS requests to the official COSMIC download service and saves files locally. No code execution, persistence mechanisms, or obfuscation detected. Capabilities match the stated purpose of downloading cancer genomics data.