boltzgen

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill clones untrusted repositories from hgbrian/biomodals and HannesStark/boltzgen. These sources are not on the trusted list.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): The skill executes downloaded scripts via modal run and python. This pattern of 'download then execute' from untrusted sources is a high-risk vector, downgraded to MEDIUM as it is the primary intended use case for the design tools.
  • [COMMAND_EXECUTION] (LOW): Uses modal and python CLI for various pipeline operations.
  • [INDIRECT_PROMPT_INJECTION] (LOW): Processes untrusted YAML and CIF/PDB files. Evidence: 1. Ingestion: binder_config.yaml, target.cif. 2. Boundary markers: Absent. 3. Capability inventory: modal run (remote execution), local python execution. 4. Sanitization: Includes 'boltzgen check' command for schema verification.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:09 PM