gempy

Warn

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: MEDIUM
Finding Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/export_model.py contains a load_model function that utilizes pickle.load() to deserialize data from files ending in .pkl. The Python documentation explicitly warns that the pickle module is not secure against erroneous or maliciously constructed data. If an agent is induced to load a crafted pickle file from an untrusted source, it could lead to arbitrary code execution within the agent's environment.
  • [COMMAND_EXECUTION]: The use of unsafe deserialization via pickle provides a vector for arbitrary code execution. This allows an attacker who can provide a malicious model file to run system commands with the privileges of the AI agent process.
  • [REMOTE_CODE_EXECUTION]: The skill relies on the gempy and pyvista libraries for complex computation and 3D rendering. While these are legitimate scientific tools, the skill's own script implementation introduces the deserialization risk mentioned above.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 8, 2026, 07:41 AM
Security Audit — agent-trust-hub — gempy