
esm

Warn

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: MEDIUM
Category: REMOTE_CODE_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses Python's 'pickle' module to persist local data for embeddings and batch-processing state.
  • Evidence (references/esm-c-api.md): The 'EmbeddingCache' class uses 'pickle.load()' to restore cached protein embeddings from 'embeddings_cache.pkl'.
  • Evidence (references/forge-api.md): The 'CheckpointedBatchProcessor' class uses 'pickle.load()' to resume interrupted batch generation jobs from 'checkpoint.pkl'.
  • Context: Although 'pickle' is used here only to cache the skill's own generated data, it is inherently insecure because deserialization can execute arbitrary code. This becomes a security risk if an attacker can place a malicious '.pkl' file in the agent's environment, since loading the cache or checkpoint would then run the attacker's code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 14, 2026, 09:23 AM
Security Audit — agent-trust-hub — esm