bio-workflows-rnaseq-to-de
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns found targeting agent behavior overrides or safety bypasses. The skill uses purely technical instructional language.
- [Data Exposure & Exfiltration] (SAFE): Analysis found no hardcoded credentials, access to sensitive system paths (like SSH keys), or network requests to non-whitelisted domains. Data operations are restricted to local file processing.
- [Obfuscation] (SAFE): No evidence of Base64 encoding, zero-width characters, homoglyphs, or other techniques to hide code intent.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The workflow relies on well-known bioinformatics binaries (fastp, Salmon, STAR) and R libraries (DESeq2, tximport). No unsafe remote downloads or piped execution (e.g., curl | bash) are present.
- [Indirect Prompt Injection] (LOW): The skill processes external data including FASTQ files and CSV metadata which could theoretically contain malicious content.
- Ingestion points: reads FASTQ files via fastp/Salmon and 'tx2gene.csv' via R.
- Boundary markers: Absent (standard for scientific data).
- Capability inventory: Executes shell commands (fastp, salmon, STAR, featureCounts) and R script logic.
- Sanitization: No explicit sanitization or validation of input file contents before processing.
- [Persistence & Privilege Escalation] (SAFE): No attempts to modify system startup files, cron jobs, or use sudo for elevated privileges were detected.
Audit Metadata