Audit History
pubchem-database - 4 audits
Audit version 4
Latest SafeJan 17, 2026, 07:39 AM
This is a legitimate scientific tool for querying the PubChem chemical database. Static analysis findings are false positives: the 'external commands' are Python code examples in markdown documentation, 'network' calls go to official NIH/NCBI servers, and 'weak cryptographic algorithm' detections are keyword false positives in a non-cryptographic context. No actual cryptographic code, command injection risks, or malicious behavior exists.
Risk Factors
๐ Network access (2)
๐ Filesystem access (1)
Audit version 3
SafeJan 17, 2026, 07:39 AM
This is a legitimate scientific tool for querying the PubChem chemical database. Static analysis findings are false positives: the 'external commands' are Python code examples in markdown documentation, 'network' calls go to official NIH/NCBI servers, and 'weak cryptographic algorithm' detections are keyword false positives in a non-cryptographic context. No actual cryptographic code, command injection risks, or malicious behavior exists.
Risk Factors
๐ Network access (2)
๐ Filesystem access (1)
Audit version 2
SafeJan 12, 2026, 04:44 PM
This is a legitimate scientific tool for accessing the PubChem chemical database. Static analysis findings are false positives - the 'external commands' are installation instructions, 'network' calls are to official NIH/NCBI servers, and no actual cryptographic code exists. The skill enables researchers to query molecular properties, perform similarity searches, and access bioactivity data.
Risk Factors
๐ Network access (3)
โ๏ธ External commands (2)
Audit version 1
SafeJan 4, 2026, 04:21 PM
Legitimate cheminformatics skill that queries only official PubChem/NCBI endpoints. No credential access, environment harvesting, or exfiltration detected. Network calls align with stated purpose.