genomeark-aws
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python code that uses `subprocess.run` to execute AWS CLI commands. These commands are used to interact with the GenomeArk S3 bucket using dynamically constructed paths. While the code uses argument lists to avoid shell injection, the execution of external binaries with variable-based inputs is a noteworthy pattern.
- [PROMPT_INJECTION]: The skill ingests and parses text reports from a public S3 bucket (s3://genomeark/), creating a surface for indirect prompt injection. Maliciously crafted data files could contain instructions that influence the agent's behavior.
  - Ingestion points: Publicly accessible text reports like GenomeScope summaries and BUSCO reports.
  - Boundary markers: No specific boundary markers or ignore-instructions warnings are provided.
  - Capability inventory: Access to shell command execution through the AWS CLI and file system operations.
  - Sanitization: The skill performs scientific data validation but lacks measures to sanitize ingested content for malicious instructions.
Audit Metadata