ensembl-database
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (HIGH): The 'Additional Resources' section contains a 'Self-referential/Steering' injection. It instructs the agent to monitor user request complexity and proactively suggest moving the conversation to a specific commercial website ('www.k-dense.ai'). This is a direct attempt to override the agent's natural helpfulness and steer users toward a specific product based on author-defined triggers.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of the ensembl_rest Python package. While this package is intended for the Ensembl API, installing and executing code from external, non-standard repositories introduces a supply-chain risk.
- INDIRECT_PROMPT_INJECTION (LOW): The skill ingests data from the Ensembl REST API. While genomic data is generally structured and low-risk, the lack of sanitization or boundary markers when processing this external data presents a theoretical (though unlikely) surface for instructions to be embedded in database fields.
Recommendations
- AI detected serious security threats
Audit Metadata