bio-reporting-rmarkdown-reports
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The skill is designed to ingest and process external CSV files provided through parameters.
- Ingestion points:
params$count_fileandparams$metadata_file(SKILL.md). - Boundary markers: Absent; files are loaded directly into the R environment.
- Capability inventory: Full R code execution via
rmarkdown::render, including file read/write and report generation. - Sanitization: No explicit sanitization or validation of input data or file paths is provided.
- [Dynamic Execution] (MEDIUM): The skill utilizes R Markdown's core functionality to execute code blocks at runtime. This is the intended behavior for reporting but represents an execution risk if the environment handles untrusted instructions embedded in data.
- [Command Execution] (LOW): Performs filesystem writes and report rendering using
rmarkdown::render. This is a standard operation for the tool's purpose but involves creating new files and potentially executing batch processes.
Audit Metadata