bids
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script
scripts/update_schema.pyfetches the latest BIDS schema and Extension Proposals (BEPs) from official sources (bids-specification.readthedocs.ioand thebids-standardGitHub organization). These are trusted community resources for the neuroscience domain. - [COMMAND_EXECUTION]: The skill provides standard instructions for using neuroimaging CLI tools like
heudiconv,dcm2bids, andbids-validator. These are used for data transformation and validation according to scientific standards. - [INDIRECT_PROMPT_INJECTION]: As the skill processes externally provided datasets (JSON sidecars, TSV phenotypic data, and directory structures), there is a theoretical surface for indirect prompt injection. However, the risk is negligible as the skill uses standard scientific libraries for parsing and the data typically originates from controlled research environments.
- Ingestion points: Reads BIDS directory structures and metadata files (
dataset_description.json,*.json,*.tsv) usingpybidsandbids-validator. - Boundary markers: Not explicitly defined in logic, but standard BIDS parsing libraries enforce strict schema validation.
- Capability inventory: File system reads/writes for dataset organization; execution of standard neuroimaging CLI tools.
- Sanitization: Relies on
pybidsandjson/csvstandard library parsers which include built-in sanitization for their respective formats.
Audit Metadata