scikit-bio
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of legitimate technical documentation for the scikit-bio Python library. It covers sequence analysis, phylogenetics, and diversity metrics using standard scientific libraries like NumPy and Pandas. No obfuscation, persistence mechanisms, or unauthorized privilege escalation attempts were found.
- [PROMPT_INJECTION]: The skill contains logic for processing external files (FASTA, FASTQ, BIOM, Newick), which represents a surface for indirect prompt injection. However, this is the core intended purpose of the bioinformatics skill and does not pose a high risk due to the lack of dangerous capabilities like arbitrary command execution or network access.
- Ingestion points: Methods such as
skbio.DNA.read(),skbio.io.read(), andTable.read()inSKILL.mdandapi_reference.md. - Boundary markers: No specific delimiters or instruction-bypass warnings are mentioned for data ingestion.
- Capability inventory: The skill is limited to biological data manipulation, statistical testing (PERMANOVA), and tree construction; it does not include subprocess spawning or network exfiltration tools.
- Sanitization: Standard data validation provided by the scikit-bio library for biological alphabets and file formats is utilized.
Audit Metadata