deeptools
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
scripts/workflow_generator.pyto create bash scripts that it then executes usingchmod +x. This pattern involves running dynamically generated code based on user-provided inputs. - [PROMPT_INJECTION]: The
scripts/workflow_generator.pyscript is susceptible to indirect prompt injection. It accepts parameters like file paths and genome sizes and interpolates them directly into shell script templates without any sanitization or escaping. This allows for potential shell command injection if malicious strings are passed to the script generator. 1. Ingestion points: Input arguments toscripts/workflow_generator.py(--input-bam,--chip-bams, etc.). 2. Boundary markers: None used in the generated bash script templates. 3. Capability inventory: The skill can write files and generate executable shell commands. 4. Sanitization: The input parameters are not validated or escaped before being placed into the script templates.
Audit Metadata