gene-database
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- DATA_EXFILTRATION (LOW): The scripts batch_gene_lookup.py, fetch_gene_data.py, and query_gene.py perform network requests to ncbi.nlm.nih.gov. While NCBI is a reputable government scientific resource, it is not included in the predefined whitelist of trusted domains for exfiltration analysis. No access to sensitive local files (e.g., SSH keys or credentials) was detected.
- PROMPT_INJECTION (LOW): This skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests and processes data from external NCBI API responses and user-provided gene list files.
  1. Ingestion points: scripts/batch_gene_lookup.py (lines 101, 142), scripts/fetch_gene_data.py (lines 79, 114, 144), and scripts/query_gene.py (lines 46, 79, 113).
  2. Boundary markers: Absent; external data is presented to the agent without delimiters or instructions to ignore embedded commands.
  3. Capability inventory: Network access via urllib.request and local file writing in scripts/batch_gene_lookup.py (line 258).
  4. Sanitization: Standard JSON/XML parsing is performed, but no natural language sanitization or filtering is applied to the retrieved data before it is presented to the agent.
Audit Metadata