bio-reporting-quarto-reports
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE] (SAFE): The skill consists of standard documentation, YAML templates, and code snippets for Quarto, a legitimate open-source scientific publishing system. No malicious patterns, obfuscation, or persistence mechanisms were detected.
- [COMMAND_EXECUTION] (LOW): The skill includes examples of 'quarto render' commands. While these commands execute embedded code, this is the primary and intended purpose of the tool for generating reports.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill demonstrates the ingestion of external data and sub-files.
- Ingestion points: Uses 'include' for '_methods.qmd' and reads files like 'data.h5ad' and 'counts.csv'.
- Boundary markers: Absent (relies on Quarto's internal cell parsing).
- Capability inventory: Subprocess execution via 'quarto render', which runs Python and R environments to execute data analysis code.
- Sanitization: Absent. Rendering documents from untrusted sources is a known risk of the Quarto/Jupyter ecosystem, which the user must manage by only rendering trusted source files.
Audit Metadata