moderna-scientist
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of untrusted external datasets.
- Ingestion points: Data enters the agent context from external sources such as the GISAID sequence database, Benchling LIMS experiments, and S3 genomics data lakes as described in the DBTL workflows in SKILL.md.
- Boundary markers: The instructions lack specific delimiting markers or system instructions to ignore potential commands embedded within sequences or research metadata.
- Capability inventory: The skill directs the agent to interact with gene synthesis APIs (Twist, Genscript) and cloud compute services (AWS Batch), creating a path where malicious input could influence external tool execution.
- Sanitization: No explicit input validation or escaping mechanisms are defined for the handled external bioinformatics content.
Audit Metadata