ena-database
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests external data from ENA API responses, which constitutes a surface for indirect prompt injection if those records contain malicious instructions.\n
- Ingestion points: Metadata, sequence data, and taxonomic records retrieved from ENA REST APIs (ebi.ac.uk) as documented in SKILL.md and api_reference.md.\n
- Boundary markers: Absent. The skill does not define specific delimiters or instructions to help the agent distinguish between system instructions and external data strings.\n
- Capability inventory: The agent performs network GET requests and is directed to use external CLI tools for data management.\n
- Sanitization: Absent. No verification or escaping procedures are specified for processing retrieved record content.\n- [EXTERNAL_DOWNLOADS]: The skill provides detailed instructions for downloading large datasets from official EBI servers via FTP, Aspera, and the enaBrowserTools command-line utility.
Audit Metadata