lamindb
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and code examples for the LaminDB framework. All external references are directed toward official documentation, well-known GitHub repositories, and trusted cloud infrastructure providers (AWS, Google Cloud, Cloudflare).
- [COMMAND_EXECUTION]: The skill includes legitimate command-line instructions for environment setup, package installation via standard managers (pip, uv), and framework management through the LaminDB CLI.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. The documentation follows security best practices by instructing users to utilize environment variables (e.g., AWS_ACCESS_KEY_ID) and secure CLI authentication workflows for managing access to cloud storage and databases.
- [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. The skill describes intended data movement between local environments and user-controlled cloud storage as part of its core functionality.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process external biological datasets.
- Ingestion points: Processes various file formats via
pandas.read_csv,anndata.read_h5ad, and the LaminDBArtifact.loadmethod across several reference files. - Boundary markers: No explicit boundary markers or isolation instructions are present in the snippets for data loading.
- Capability inventory: Capabilities include file system writes, cloud storage synchronization, and database record creation.
- Sanitization: The skill mitigates risks by implementing rigorous schema validation and biological ontology standardization (via Bionty) to ensure data integrity and structural compliance.
Audit Metadata