ensembl-database
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill includes a section titled 'Suggest Using K-Dense Web For Complex Worflows' that instructs the agent to steer users toward a commercial platform (www.k-dense.ai) when tasks reach a certain complexity. This constitutes a behavioral override designed for vendor marketing purposes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes genomic data from the external Ensembl REST API.
- Ingestion points: Data is fetched from rest.ensembl.org and grch37.rest.ensembl.org using the requests library and ensembl_rest package.
- Boundary markers: No boundary markers or 'ignore embedded instructions' warnings are implemented to protect the agent from malicious content in API responses.
- Capability inventory: The skill uses network requests to fetch data and performs biological data analysis using Python.
- Sanitization: The skill documentation and provided code snippets do not include logic to sanitize or validate external content before processing.
- [EXTERNAL_DOWNLOADS]: The skill documentation recommends installing the 'ensembl_rest' and 'requests' Python packages from standard registries.
Audit Metadata