tooluniverse-variant-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill parses and processes VCF files, which can contain untrusted data in the INFO and FORMAT fields (e.g., gene symbols, consequence terms, clinical significance strings). This content is directly interpolated into Markdown reports generated by the generate_variant_report function.
    • Ingestion points: VCF file content parsed in python_implementation.py (specifically strings from the ANN, CSQ, and FUNCOTATION fields).
    • Boundary markers: None identified in the generated Markdown reports to differentiate between tool-generated headers and file-provided data.
    • Capability inventory: The skill can generate detailed Markdown reports and cross-tabulations that may be displayed to or processed by an AI agent.
    • Sanitization: Content from the VCF fields is used directly without escaping or validation for potential injection strings.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the tooluniverse library and various utility scripts to query well-known bioinformatics services (MyVariant.info, dbSNP, gnomAD, Ensembl VEP). These are standard research tools and do not involve the execution of untrusted remote code.
  • [CREDENTIALS_UNSAFE]: The skill includes a .env.template file for API keys. It uses placeholders (e.g., your_api_key_here) and does not contain hardcoded credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 01:19 PM