latchbio-integration

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions promote the use of the latch CLI for critical operations including latch login, latch init, and latch register. The registration process involves local Docker containerization and serialization of Python code for remote execution on the Latch platform.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the latch Python package from the official Python Package Index (PyPI). It also references official resources from latch.bio and github.com/latchbio/latch.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8).
    • Ingestion points: Experimental data is ingested through LatchFile, LatchDir, and structured Registry tables (references/data-management.md).
    • Boundary markers: No specific delimiters or instructions to ignore embedded commands within ingested files (e.g., CSV metadata, FASTA comments) are present.
    • Capability inventory: The skill can execute system commands via the CLI, register new workflows (latch register), and modify cloud data records (Record.update).
    • Sanitization: There is no evidence of sanitization or validation of the content within ingested files before they are processed or presented to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 08:47 PM