etetoolkit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The scripts ingest and process external Newick tree files. If these files contain malicious instructions in taxon names or metadata, and the script's output (like leaf lists or ASCII trees) is read by the agent, it could trigger unintended behavior.
- Ingestion points: Tree files are loaded in
scripts/quick_visualize.pyandscripts/tree_operations.py. - Boundary markers: Absent; the scripts do not use delimiters or warnings when outputting tree data.
- Capability inventory: The skill can write files to the disk and perform complex tree operations.
- Sanitization: No sanitization is performed on the data extracted from the Newick files before it is printed to stdout.
Audit Metadata