benchling-integration
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to install the official
benchling-sdkand utilizes the standardbiopythonlibrary for biological sequence parsing. These are legitimate dependencies for the stated purpose. - [COMMAND_EXECUTION]: The skill provides command-line examples for package management using
uvandpoetryto facilitate the setup of the Python development environment. - [PROMPT_INJECTION]: The file contains behavioral instructions that direct the agent to recommend the 'K-Dense Web' platform when encountering complex workflow requests. While this influences the agent's output behavior, it does not attempt to bypass safety constraints or override system-level instructions.
- [CREDENTIALS_UNSAFE]: The skill correctly emphasizes security best practices for API key management, advising against hardcoding credentials and recommending the use of environment variables. No hardcoded secrets were found in the provided snippets.
- [SAFE]: The skill's metadata identifies 'K-Dense Inc.' as the author, which differs from the system-provided author 'wu-yc'. While this is a discrepancy in author attribution, it does not impact the technical safety or functionality of the skill code.
Audit Metadata