GO/KEGG Enrichment
Pass
Audited by VirusTotal on May 11, 2026.
Findings (1)
The skill is designed for legitimate GO/KEGG enrichment analysis. However, the `SKILL.md` contains contradictory information regarding network access, claiming 'No external API calls' while also stating 'Requires internet connection for KEGG database queries' and listing 'KEGG REST API access' as a requirement. The `scripts/main.py` further confirms network access via `gseapy` and an explicit `--use-enrichr` flag for the Enrichr API. More critically, the script accepts file paths for `--genes`, `--background`, and `--output` without implementing robust path sanitization, which could allow for path traversal attacks (e.g., `../../sensitive_file.txt`) to read or write files outside the intended workspace. These issues represent significant vulnerabilities, classifying the skill as suspicious.
