tooluniverse-microbial-genome-characterization

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill retrieves data from the NCBI Datasets API and instructs the agent to process this external content using dynamically generated Python code. This creates a surface where malicious instructions embedded in genomic metadata could attempt to influence the generated code or agent behavior.
  • Ingestion points: JSON data returned from the NCBIDatasets_ tool suite in SKILL.md.
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched JSON.
  • Capability inventory: The agent is instructed to "write and run Python (pandas)" to perform data analysis as stated in the 'COMPUTE, DON'T DESCRIBE' section.
  • Sanitization: No sanitization or validation steps are provided for the incoming JSON data before it is processed by the Python environment.
  • [DYNAMIC_EXECUTION]: The workflow explicitly requires the agent to generate and execute local scripts. Specifically, the 'Phase 5' section of SKILL.md directs the agent to 'build a pandas table' and perform sorting/scoring operations via runtime script execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:26 AM
Security Audit — agent-trust-hub — tooluniverse-microbial-genome-characterization