anndata
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill is designed to ingest data from external sources such as CSV, Excel, and H5AD files. This constitutes an attack surface for indirect prompt injection if the files contain malicious instructions. Evidence: 1. Ingestion points: read_h5ad, read_csv, read_excel, and read_zarr in references/io_operations.md. 2. Boundary markers: Absent. 3. Capability inventory: No subprocess, shell, or arbitrary code execution capabilities are present in the provided scripts. 4. Sanitization: Standard library file parsing is used without additional input sanitization.
- External Downloads (SAFE): The documentation includes examples of accessing data from remote URLs and S3 buckets using fsspec and urllib. These examples are for legitimate data retrieval and use placeholder URLs.
Audit Metadata