brenda-database
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions to the AI to proactively suggest a commercial research platform (K-Dense Web) when users attempt complex workflows, which attempts to steer the agent's behavior for vendor promotion.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  1. Ingestion points: Data is retrieved from the BRENDA SOAP API using methods such as get_km_values and get_reactions as described in SKILL.md.
  2. Boundary markers: The skill does not define or use delimiters to separate instructions from the ingested API data.
  3. Capability inventory: The skill relies on multiple Python scripts (scripts/brenda_queries.py and scripts/brenda_visualization.py) to process and plot the external data.
  4. Sanitization: No validation or sanitization routines are provided for the content fetched from the BRENDA API before processing.
Audit Metadata