tooluniverse-gwas-snp-interpretation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves genomic data from public databases including the GWAS Catalog (EMBL-EBI) and Open Targets Genetics. These are well-known and reputable scientific services. This behavior is consistent with the skill's primary purpose.
- [COMMAND_EXECUTION]: Several test scripts (e.g.,
test_gwas_snp_tools.py,test_skill_comprehensive.py) include hardcoded local absolute paths (e.g.,/Users/shgao/logs/...) for development purposes. While this is a poor practice for code portability, it does not constitute a security risk to the user. - [DATA_EXPOSURE]: The
.env.templatefile provides a safe template for managing API keys using placeholders. Instructions correctly guide users to store sensitive credentials in a local environment file rather than hardcoding them. - [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it ingests data from external genomic APIs. However, the data sources are curated scientific repositories, and the skill performs data extraction rather than executing instructions from the fetched content, resulting in a low-risk profile.
Audit Metadata