Skills
skills/mims-harvard/tooluniverse/tooluniverse-variant-analysis/Snyk

tooluniverse-variant-analysis

Warn

Audited by Snyk on Mar 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly queries public third-party databases (MyVariant.info, dbSNP, gnomAD, Ensembl VEP, ClinGen, etc.) as shown in SKILL.md Phase 5 and references/annotation_guide.md and in python_implementation.py (batch_annotate_variants / annotate_variant_with_*) — the agent ingests and acts on that external, user-submitted/public data to drive annotation and pathogenicity decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 11:48 PM
Issues
1