giime-components
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The file references/mcp-setup.md provides a configuration for an external MCP server at https://genapi-giime.giikin.com/mcp. This server is used to fetch component documentation. The domain is owned by the vendor (giikin) and represents a legitimate infrastructure reference.
- [PROMPT_INJECTION]: The skill establishes a workflow in SKILL.md where the agent is instructed to fetch and interpret documentation from a remote API, creating a surface for indirect prompt injection.
- Ingestion points: Untrusted content is retrieved through the get-giime-docs-sidebar and get-giime-component-doc tools.
- Boundary markers: There are no specific instructions or delimiters provided to prevent the agent from executing instructions potentially embedded in the fetched Markdown documentation.
- Capability inventory: The skill is used for code generation and UI guidance. While it does not include direct command execution or file-system writing, it influences the code the agent writes for the user.
- Sanitization: No validation or sanitization mechanisms are described for the content returned by the external documentation API.
Audit Metadata