datamol
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as legitimate documentation for the
datamolcheminformatics library, providing useful examples for molecular data processing. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it documents tools for ingesting data from external, potentially untrusted sources like CSV, SDF, and remote URLs. Ingestion points: Functions such as
dm.read_sdf,dm.read_csv, anddm.open_dfinreferences/io_module.md. Boundary markers: No explicit delimiters or instructions to ignore embedded natural language commands are identified in the documentation. Capability inventory: The skill allows for file writing (dm.to_sdf,dm.save_df), network operations (viafsspec), and molecular visualization (dm.viz.to_image). Sanitization: While the library performs chemical validation and standardization, it lacks sanitization for potential natural language instructions embedded within data fields. - [EXTERNAL_DOWNLOADS]: Documents standard installation procedures for the
datamolpackage and features for fetching datasets from remote protocols (HTTP, S3, GCS) as part of its core functionality.
Audit Metadata