pysam

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is vulnerable to indirect prompt injection as it ingests untrusted data from genomic datasets and has powerful output capabilities.
      • Ingestion points: Objects like pysam.AlignmentFile, pysam.VariantFile, and pysam.FastaFile read external file content into the agent context.
      • Boundary markers: Absent. The skill does not implement delimiters or 'ignore' instructions for data processed from these files.
      • Capability inventory: The skill can execute system-level commands via pysam.samtools and pysam.bcftools and write files to the filesystem.
      • Sanitization: None. Genomic metadata (e.g., read names, headers, or INFO fields) is not sanitized for potential natural language instructions.
  • [Command Execution] (MEDIUM): The skill provides access to bioinformatics tools that interact directly with the filesystem.
      • Evidence: pysam.samtools.sort, pysam.samtools.index, and pysam.bcftools.view calls can be used to create, overwrite, or manipulate files based on potentially untrusted input.
  • [External Downloads] (LOW): The skill depends on the external pysam package.
      • Evidence: SKILL.md instructs the installation of pysam via uv pip install.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 08:58 PM