Skills
skills/eturkes/claude-scientific-skills/labarchive-integration/Gen Agent Trust Hub

labarchive-integration

Warn

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's documentation (SKILL.md) and setup scripts recommend installing the labarchives-py library directly from an unverified third-party GitHub repository (https://github.com/mcmero/labarchives-py). This source is not associated with the skill author or a trusted organization, posing a supply chain risk as the library is executed in the agent's environment.
  • [CREDENTIALS_UNSAFE]: The scripts/setup_config.py script prompts users for sensitive institutional API keys and external application passwords, which are then stored in a plaintext config.yaml file. While the script attempts to set restrictive file permissions, storing high-entropy secrets in unencrypted local files is a security weakness that can lead to credential exposure.
  • [COMMAND_EXECUTION]: The included Python scripts (scripts/entry_operations.py, scripts/notebook_operations.py) perform extensive file system operations, including directory creation and binary file writing for backups. These capabilities, while intended for notebook management, provide a significant attack surface if compromised via the external dependency.
  • [DATA_EXFILTRATION]: The skill is designed to retrieve and transmit comprehensive research data, including notebook entries, member lists, and file attachments, to remote API endpoints. The ability to read sensitive data and send it over the network represents a high-risk data handling surface.
  • [DATA_EXFILTRATION]: Evidence Chain for Indirect Prompt Injection surface:
  • Ingestion points: API responses containing notebook content and comments are processed in scripts/notebook_operations.py and scripts/entry_operations.py.
  • Boundary markers: Absent. The skill does not use delimiters to isolate retrieved data from agent instructions.
  • Capability inventory: Network requests via requests, file system writes for backups, and file uploads.
  • Sanitization: Minimal; the skill wraps some content in HTML tags but does not perform robust escaping of data retrieved from the electronic lab notebook.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 16, 2026, 10:49 PM