campaign-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references downloading protein structures from 'files.rcsb.org', a reputable scientific repository. This is standard behavior for the domain.
- [COMMAND_EXECUTION] (SAFE): The shell scripts provide templates for orchestrating protein design pipelines using the Modal CLI. These are intended for user-controlled environments and match the skill's stated purpose.
- [PROMPT_INJECTION] (LOW): Potential surface for indirect prompt injection identified (Category 8).
- Ingestion points: Processes external CSV files in the 'assess_campaign' function and PDB files via 'curl'.
- Boundary markers: Absent; the skill does not define delimiters to separate data from instructions.
- Capability inventory: The orchestration involves executing external subprocesses ('modal run') based on the campaign flow.
- Sanitization: Absent; no logic is provided to sanitize or validate the contents of the ingested files before processing.
Audit Metadata