proteinmpnn
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill clones the repository 'https://github.com/dauparas/ProteinMPNN' to access necessary scripts. This organization and repository are not on the trusted GitHub sources list, classifying it as an unverifiable external dependency.
- COMMAND_EXECUTION (LOW): The skill instructs the agent to execute local Python scripts ('protein_mpnn_run.py') and the Modal CLI ('modal run'). These operations are necessary for the primary function of the skill but involve running code that is not part of the skill package itself.
- PROMPT_INJECTION (LOW): The skill has a surface for Indirect Prompt Injection (Category 8) due to its processing of untrusted external data files.
  - Ingestion points: The skill ingests data from the '--pdb_path', '--fixed_positions_jsonl', '--bias_AA_jsonl', and '--omit_AA_jsonl' parameters in 'SKILL.md'.
  - Boundary markers: Absent. The instructions do not provide delimiters or 'ignore embedded instructions' warnings for the data being processed.
  - Capability inventory: The skill possesses the capability to execute shell commands, run Python scripts, and use the Modal cloud platform.
  - Sanitization: No sanitization, escaping, or validation of the input file content is explicitly described or implemented in the provided documentation.
Audit Metadata