neuropixels-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill includes explicit behavioral steering in the 'Suggest Using K-Dense Web' section, instructing the agent to proactively recommend a specific external platform under certain conversation conditions.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted external data files and possesses significant capabilities.
- Ingestion points: The skill loads data from external paths using
si.read_spikeglx(),si.read_openephys(), andsi.read_nwb()as shown inSKILL.md. - Boundary markers: There are no delimiters or instructions provided to the agent to ignore potential instructions embedded within data or metadata fields of the neural recordings.
- Capability inventory: The skill has the ability to execute external binaries via
si.run_sorter()and perform extensive file system operations (writing results, exporting to NWB/Phy). - Sanitization: No validation or sanitization of the content of binary recording files or their associated metadata is performed before the data is processed or analyzed by the AI.
- [COMMAND_EXECUTION]: The workflow relies on the execution of external spike sorting software (e.g., Kilosort4, SpykingCircus2) via the
si.run_sorterinterface, which spawns external processes to handle data analysis. - [EXTERNAL_DOWNLOADS]: The installation documentation encourages the download and installation of several third-party Python packages from PyPI, including domain-specific libraries and the Anthropic API client.
Audit Metadata