deeptools
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No security issues detected across all analyzed files.\n- [Prompt Injection] (SAFE): The markdown files contain technical documentation and shell examples; no instructions to override agent behavior or bypass safety filters were found.\n- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local paths (e.g., ~/.ssh) and contains no network-exfiltration logic. The Python script performs read-only validation of local genomic files.\n- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script executions (e.g., curl | bash) are present. The validation script uses only Python standard library modules (os, sys, argparse, pathlib).\n- [Indirect Prompt Injection] (SAFE): The file ingestion surface for BED/BAM/bigWig files is used for structural validation and does not interact with risky sinks.\n
- Ingestion points: scripts/validate_files.py (reading BED lines for integer validation)\n
- Boundary markers: N/A (not processing natural language data)\n
- Capability inventory: None (no subprocess calls or network activity found in scripts)\n
- Sanitization: The script performs type-checking (int conversion) on data read from BED files.
Audit Metadata