bioinformatics-workflows
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill analyzes user-provided workflow code (.nf, .smk, .config), which presents a surface for indirect prompt injection if those files contain malicious instructions intended for the agent.
- Ingestion points: User-provided bioinformatics workflow definitions targeted by the regex patterns in `references/validations.md`.
- Boundary markers: The `SKILL.md` lacks explicit XML delimiters or system-level warnings to the agent to disregard instructions embedded within the processed code files.
- Capability inventory: The skill is entirely descriptive and diagnostic; it does not include any executable scripts (.py, .js, .sh), and thus has no capability for command execution, file modification, or network access.
- Sanitization: No sanitization or filtering logic is present for the ingested code content.
- [Unverifiable Dependencies] (SAFE): No external package dependencies (Python/Node.js) or remote script downloads are used in this skill.
- [Privilege Escalation] (SAFE): While the skill mentions container volume mounting (e.g., `-v /data:/data`), these are presented as educational examples for users rather than commands executed by the agent itself.