etetoolkit
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill scripts depend on the 'ete3' library, which is an external Python package not listed among trusted sources. This introduces a dependency on unverified third-party code.
- [PROMPT_INJECTION] (MEDIUM): The skill is susceptible to indirect prompt injection via the processing of untrusted Newick tree files and taxa lists. Ingestion points: 'args.input' in both scripts and 'args.keep_taxa' in 'tree_operations.py'. Boundary markers: Absent. Capability inventory: 'tree.render' in 'quick_visualize.py', 'tree.write' in 'tree_operations.py', and console output. Sanitization: Minimal, limited to basic output file extension validation.
- [COMMAND_EXECUTION] (LOW): The provided scripts are intended for command-line execution. While consistent with the stated purpose, use of such tools by an agent on untrusted inputs requires careful monitoring.
Audit Metadata