matchms
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill describes functions that retrieve data from external scientific sources, such as PubChem (via
derive_annotation_from_compound_name) and Universal Spectrum Identifier (USI) repositories (viaload_from_usi). These are legitimate features for metadata enrichment in metabolomics research. - [REMOTE_CODE_EXECUTION]: Matchms supports data serialization via the Python
picklemodule (load_from_pickleandsave_as_pickle). While this is a standard method for preserving the state of complex Python objects like mass spectra, users should ensure they only load files from trusted sources to avoid potential risks associated with untrusted data deserialization. - [PROMPT_INJECTION]: The skill processes external data files (mzML, MGF, MSP, JSON) which constitutes a vulnerability surface for indirect prompt injection if the metadata contains malicious instructions. However, the skill provides extensive filtering and harmonization functions (e.g.,
default_filters,clean_compound_name) that help standardize and sanitize the input data. - Ingestion points: Data is ingested from external files via functions like
load_from_mgfandload_from_json(found inreferences/importing_exporting.md). - Boundary markers: No explicit prompt boundary markers or instructions to ignore embedded commands are present in the provided examples.
- Capability inventory: The skill can write files (
save_as_mgf) and perform network requests for metadata enrichment (PubChem, USI). - Sanitization: The library includes robust filtering mechanisms such as
clean_compound_nameandharmonize_undefined_smiles(found inreferences/filtering.md) which process and validate metadata.
Audit Metadata