bio-workflow-management-wdl-workflows
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill includes shell commands to run the Cromwell engine and validate workflows. This is the primary intended use case for a workflow management skill and does not involve unauthorized command execution.
- [EXTERNAL_DOWNLOADS] (SAFE): The WDL tasks reference Docker images from reputable bioinformatics repositories such as Biocontainers on Docker Hub and Quay.io. These are trusted sources in the genomics community.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes external data (FASTQ files, reference genomes, and JSON inputs). 1. Ingestion points: Input files defined in WDL and inputs.json; 2. Boundary markers: Explicit WDL input blocks; 3. Capability inventory: Shell execution within tasks (e.g., fastp, bwa, salmon); 4. Sanitization: Native WDL variable interpolation and quoting practices. These surfaces are inherent to the tool's primary function and do not represent a malicious injection vector.
Audit Metadata