primekg
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE | PROMPT_INJECTION | DATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill contains a hardcoded file path (/mnt/c/Users/eamon/Documents/Data/PrimeKG/kg.csv) that reveals a local system username ('eamon'). This constitutes a minor information disclosure regarding the host environment.
- [PROMPT_INJECTION]: The skill processes data from an external CSV file, which serves as a potential vector for indirect prompt injection if the file content is modified by an adversary.
  - (1) Ingestion points: Data is loaded from a local CSV file using pandas.read_csv in scripts/query_primekg.py.
  - (2) Boundary markers: Absent; no instructions are provided to the agent to disregard embedded commands within the retrieved data.
  - (3) Capability inventory: The skill allows for searching biological entities and retrieving their relationships, which are then presented to the agent.
  - (4) Sanitization: No validation or sanitization of the CSV data is performed before it is processed and returned to the agent context.
Audit Metadata