pathml

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions specify the installation of the pathml package via standard Python package managers.
  • [DATA_EXFILTRATION]: The skill includes functionality to send image data to the DeepCell cloud API (deepcell.org) for remote segmentation via the SegmentMIFRemote transform. This is a documented feature of the toolkit used when local GPU resources are unavailable, utilizing an established and well-known research service.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its handling of complex external data.
      • Ingestion points: The skill processes various whole-slide image formats (e.g., SVS, NDPI, DICOM) as described in references/image_loading.md and references/multiparametric.md.
      • Boundary markers: No explicit instructions or delimiters were identified to distinguish between data-driven inputs and agent instructions.
      • Capability inventory: The skill possesses capabilities for local file system writes (to_hdf5), network transmission (SegmentMIFRemote), and execution of analytical pipelines.
      • Sanitization: The skill relies on underlying format-specific backend libraries (OpenSlide, Bio-Formats) for parsing binary data but does not specify secondary validation or sanitization for metadata fields which could theoretically contain malicious text.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 14, 2026, 09:23 AM