histolab

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Findings: DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • Data Exposure & Exfiltration (MEDIUM): The skill provides the ability to read arbitrary files from the local system via the slide_path parameter in the Slide class (references/slide_management.md). While intended for medical images, an attacker could attempt to point this to sensitive files. It also allows writing to the disk via processed_path and save_thumbnail().
  • Indirect Prompt Injection (HIGH): The skill possesses a significant attack surface by processing untrusted external data with write capabilities.
      ◦ Ingestion points: Untrusted data enters the agent context through the slide_path parameter and the resulting Slide object properties (references/slide_management.md).
      ◦ Boundary markers: None identified. The documentation does not specify the use of delimiters or instructions to ignore embedded data markers.
      ◦ Capability inventory: The skill can perform file system reads (opening WSI files) and file system writes (save_thumbnail, creating tiles in processed_path).
      ◦ Sanitization: There is no evidence of path sanitization or validation of the image content/metadata before processing. If image metadata (e.g., vendor-specific fields) is interpolated into subsequent prompts, it could influence agent behavior.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 10:15 PM