alphagenome-single-variant-analysis

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill demonstrates secure credential management by utilizing .env files and explicitly instructing the agent to never read, print, or inspect the file contents, ensuring API keys do not enter the model's context.
  • [SAFE]: External network operations and data downloads are restricted to authorized domains associated with Google and Google DeepMind infrastructure.
  • [SAFE]: Python code execution is strictly managed using uv run, which creates an isolated virtual environment and ensures dependencies are resolved from standard package registries.
  • [SAFE]: The skill provides comprehensive guidance on interpreting model results, including warnings about statistical artifacts and model limitations, which promotes scientific integrity.
  • [SAFE]: Analysis of the input surface for potential indirect prompt injection shows that while the skill processes user-supplied genetic data, the risk is mitigated by the specialized nature of the domain and the use of dedicated scripts for data processing.
  • Ingestion points: User-provided variant strings and gene symbols in SKILL.md.
  • Boundary markers: Guidance is provided to treat scores below specific thresholds as non-functional.
  • Capability inventory: File system writes for plots and reports, subprocess execution via uv, and network access to the AlphaGenome API.
  • Sanitization: Input is parsed and validated by standard Python libraries in the provided scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 06:50 PM
Security Audit — agent-trust-hub — alphagenome-single-variant-analysis