biopython

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses Bio.Entrez and Bio.Blast.NCBIWWW to interact with the National Center for Biotechnology Information (NCBI) web services for fetching sequences and running remote alignments. These operations target a well-known scientific service and are neutral in nature.\n- [COMMAND_EXECUTION]: Provides patterns for executing external bioinformatics applications like Clustal Omega, MUSCLE, and BLAST+ via Biopython's command-line wrappers. These tools run locally and require manual installation by the user.\n- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it ingests and processes complex biological data from external files and databases that could contain malicious instructions.\n
  • Ingestion points: Biological data files parsed via SeqIO, AlignIO, Phylo, and Bio.PDB; remote records fetched via Bio.Entrez.\n
  • Boundary markers: No explicit instructions are provided to the agent to treat biological record metadata or comments as untrusted data.\n
  • Capability inventory: Subprocess execution (via CLI wrappers), file system writes (SeqIO.write), and network operations (Bio.Entrez).\n
  • Sanitization: Relies on standard Biopython library parsers; no specific sanitization or escaping of sequence metadata for the LLM is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 12:31 PM
Security Audit — agent-trust-hub — biopython