bio-blat
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The script
scripts/run_blat_local.pyautomatically downloads genomic reference files (.2bit) from UCSC servers (hgdownload.cse.ucsc.eduandhgdownload.soe.ucsc.edu) if they are missing from the local system. Although UCSC is a standard and reputable repository for bioinformatics data, it is not included in the strictly defined list of trusted organizations. The download logic usescurlwith hardcoded URLs.\n- COMMAND_EXECUTION (INFO): The skill executes external binaries (blatandcurl) viasubprocess.runusing argument lists. This correctly mitigates shell injection risks by avoiding the use ofshell=Trueand string concatenation for command building.\n- PROMPT_INJECTION (INFO): The skill handles user-supplied DNA sequences and FASTA files, which constitutes an indirect prompt injection surface (Category 8). \n - Ingestion points: Raw sequence strings passed via CLI or sequence data read from FASTA files in
scripts/run_blat_local.py.\n - Boundary markers: No explicit boundary markers are used in the prompt interpolation, but the data is handled as a file-based input to a binary.\n
- Capability inventory: The skill can execute system commands (
blat,curl) and write to temporary files.\n - Sanitization: The skill validates that FASTA files contain single sequences and enforces ASCII encoding for query sequences. The risk is categorized as INFO/LOW because the input is processed by a specialized local tool (BLAT) and does not influence the agent's core decision-making logic or security boundaries.
Audit Metadata