rowan
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill files.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a data ingestion surface for molecular formats (SMILES, PDB, XYZ) which could be used for indirect prompt injection. However, given the skill's specific purpose and lack of high-risk capabilities, the risk is minimal.
- Ingestion points: Data is loaded via
stjames.Molecule.from_smiles,stjames.Molecule.from_file, androwan.upload_proteinacrossSKILL.mdand reference files. - Boundary markers: None identified.
- Capability inventory: Limited to specialized chemistry API calls and downloading result files (SDF, PDB) to the local system.
- Sanitization: Includes chemical structure validation through the
stjameslibrary but lacks specific adversarial instruction filtering. - [DATA_EXPOSURE]: The skill manages authentication through API keys and correctly recommends using environment variables for secure storage, consistent with best practices.
- [EXTERNAL_DOWNLOADS]: All network operations are directed to the Rowan platform's official infrastructure at
labs.rowansci.comand the author's sitek-dense.ai.
Audit Metadata