ena-database
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill includes instructions to proactively suggest a specific external platform (K-Dense Web) when complexity increases, which is an attempt to influence agent behavior for promotional purposes.
- [Indirect Prompt Injection] (LOW): The skill accesses untrusted data from an external API. Evidence Chain: 1. Ingestion points: ENA API responses from ebi.ac.uk (XML, JSON, TSV). 2. Boundary markers: No delimiters or warnings are used to isolate untrusted API content in the provided code snippets. 3. Capability inventory: Performs network requests using the requests library. 4. Sanitization: No sanitization or validation of the remote data is demonstrated in the examples.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or access to sensitive local file paths (e.g., SSH keys, env files) were detected. Network operations are restricted to legitimate scientific domains.
Audit Metadata