tooluniverse-microbial-genome-characterization
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill retrieves data from the NCBI Datasets API and instructs the agent to process this external content using dynamically generated Python code. This creates a surface where malicious instructions embedded in genomic metadata could attempt to influence the generated code or agent behavior.
- Ingestion points: JSON data returned from the
NCBIDatasets_tool suite inSKILL.md. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched JSON.
- Capability inventory: The agent is instructed to "write and run Python (pandas)" to perform data analysis as stated in the 'COMPUTE, DON'T DESCRIBE' section.
- Sanitization: No sanitization or validation steps are provided for the incoming JSON data before it is processed by the Python environment.
- [DYNAMIC_EXECUTION]: The workflow explicitly requires the agent to generate and execute local scripts. Specifically, the 'Phase 5' section of
SKILL.mddirects the agent to 'build a pandas table' and perform sorting/scoring operations via runtime script execution.
Audit Metadata