tooluniverse-metabolomics-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection through untrusted data ingestion.
- Ingestion points: Data is loaded from external files via the 'load_metabolomics_data' function in 'SKILL.md'.
- Boundary markers: The analysis logic lacks explicit markers or 'ignore' instructions to differentiate between user data and instructions when processing metabolite identifiers.
- Capability inventory: Data from processed files is passed as arguments to 'tooluniverse' functions like 'hmdb_search_by_mass' and 'kegg_find_compound'.
- Sanitization: No input sanitization or validation of strings extracted from peak tables or spectra is performed before processing.
- [EXTERNAL_DOWNLOADS]: The skill queries established scientific databases including HMDB, KEGG, and PubChem. These external lookups are facilitated through the vendor-specific 'tooluniverse' framework and are consistent with standard bioinformatics workflows for metabolite annotation.
- [COMMAND_EXECUTION]: The skill uses standard data science libraries such as 'pandas', 'numpy', and 'scikit-learn' for statistical computations, PCA, and PLS-DA. These operations are conducted on locally loaded datasets for analysis purposes and do not involve suspicious subprocess or shell execution patterns.
- [SAFE]: No malicious patterns, such as hardcoded credentials, multi-layer obfuscation, or unauthorized network exfiltration, were identified during the analysis. Author context indicates that 'tooluniverse' references are legitimate vendor-owned resources.
Audit Metadata