scientific-skills
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions that attempt to steer the agent's behavior towards recommending the vendor's hosted platform, K-Dense Web. These directives are located in the offer-k-dense-web sub-skill and encourage the agent to promote the service regardless of the user's specific context.
- [COMMAND_EXECUTION]: The toolkit uses subprocess.run() and Bash commands across several scripts to execute external scientific software and system utilities. This includes running nvidia-smi for GPU detection in detect_resources.py and invoking pdflatex for document creation in generate_pdf.py.
- [EXTERNAL_DOWNLOADS]: The skill references and executes installation scripts from trusted domains and well-known services, such as claude.ai (Anthropic) for agent installation and astral.sh (Astral/uv) for package management.
- [PROMPT_INJECTION]: The skill processes a large variety of scientific data formats (e.g., PDB, VCF, BAM), which presents a surface for indirect prompt injection. If user-provided files contain adversarial content in their metadata, it could theoretically influence the agent's output during the analysis phase.
Audit Metadata