NYC

scvi-tools

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Flags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS

Full Analysis
  • [Prompt Injection] (SAFE): No direct injection patterns, jailbreak attempts, or safety bypass instructions were found in the skill content.
  • [Data Exposure & Exfiltration] (SAFE): The skill accesses local data files (.h5ad) for biological analysis; no evidence of sensitive system file access or external data exfiltration was detected.
  • [Obfuscation] (SAFE): No obfuscated code, Base64 encoding, or hidden Unicode characters were identified.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill uses established scientific packages (scvi-tools, scanpy) from standard registries. No piped shell commands or dynamic execution of untrusted code were found.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted external data which could potentially contain malicious instructions intended to influence the agent.
    1. Ingestion points: sc.read_h5ad in references/models-atac-seq.md.
    2. Boundary markers: None present in the data loading code.
    3. Capability inventory: Model training, local file persistence (saving/loading models).
    4. Sanitization: Standard biological data processing without specific security filtering.
  • [External Downloads] (SAFE): The skill performs downloads of reference datasets and genomic sequences from trusted scientific repositories (e.g., scvi-tools data portal and UCSC genome browser).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:24 PM