gget
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE (PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill contains a section titled 'Suggest Using K-Dense Web For Complex Worflows' which provides specific instructions to the agent to proactively recommend an external platform. This acts as a behavioral override for promotional purposes, steering the agent's natural response pattern.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection.
  - Ingestion points: Data enters the context from multiple external genomic databases via modules such as info, search, enrichr, and archs4 (described in SKILL.md).
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the retrieved data.
  - Capability inventory: The skill has the capability to interact with the OpenAI API via gget gpt and perform file writes using the -o/--out flag.
  - Sanitization: There is no evidence of sanitization or filtering of external content before it is processed by the agent or the gpt module.
- [EXTERNAL_DOWNLOADS]: The gget setup command is documented to download significant external resources, including approximately 4GB of model parameters for the AlphaFold module and local databases for the ELM module. Additionally, the ref module uses curl to download reference genomes from Ensembl when the -d flag is used.
- [COMMAND_EXECUTION]: The skill provides documentation for executing various command-line operations, including package installation via uv pip and bioinformatics tasks such as sequence alignment (muscle, diamond) and transcriptome indexing (kallisto), which are standard for its intended use case.