NYC

biopython

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Command Execution] (HIGH): The skill demonstrates the use of Biopython wrappers (ClustalOmegaCommandline, MuscleCommandline) to execute system-level binaries. If an agent uses these with unsanitized user-provided filenames, it could lead to arbitrary command execution. Evidence: references/alignment.md lines 212-233.
  • [Unverifiable Dependencies] (MEDIUM): The skill depends on external tools like Clustal Omega and MUSCLE which are not managed via standard Python package managers and must be independently installed. Evidence: references/alignment.md.
  • [Indirect Prompt Injection] (HIGH): The skill is designed to parse external biological data files (FASTA, FASTQ, GenBank). Without proper boundary markers and sanitization, malicious data within these files could influence agent behavior, especially since the agent has the capability to write files and execute commands.
    1. Ingestion: SeqIO.parse and AlignIO.read in both files.
    2. Boundary markers: Absent.
    3. Capability inventory: Command execution and file system writes.
    4. Sanitization: Not shown in examples.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 11:22 PM