neurokit2
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
neurokit2library from PyPI and its development version from the official GitHub repository (https://github.com/neuropsychology/NeuroKit/zipball/dev). Additionally, several modules reference functions likenk.mne_data()that download datasets from external research repositories. - [COMMAND_EXECUTION]: The skill utilizes shell commands to manage dependencies, specifically using the
uvtool to install Python packages from remote locations. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of external data.
- Ingestion points: The skill ingests physiological signal data (e.g., ECG, EEG, EDA) from external sources for analysis throughout the reference documentation.
- Boundary markers: No specific boundary markers or instructions to isolate the data from the agent's processing logic are mentioned.
- Capability inventory: The skill can perform shell-based package installation and execute Python code for data processing.
- Sanitization: The instructions do not describe any explicit sanitization or validation of the input signals, relying on the internal data handling of the NeuroKit2 library.
Audit Metadata