rfdiffusion

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill directs users to clone code from 'github.com/hgbrian/biomodals' and 'github.com/RosettaCommons/RFdiffusion.git'. Neither repository nor organization is on the provided trusted list.
  • [REMOTE_CODE_EXECUTION] (HIGH): After cloning, the instructions require the user to install and run the code ('modal run', 'pip install -e .', 'python run_inference.py'). Executing scripts from unverified external sources is a high-risk activity.
  • [COMMAND_EXECUTION] (LOW): The skill uses system commands such as 'git', 'wget', and 'curl' to manage external resources. While these are used for legitimate scientific data (e.g., RCSB PDB files from files.rcsb.org), the installation steps involve unverified code execution.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external protein structure files (PDB format).
    • Ingestion points: The 'inference.input_pdb' parameter accepts paths to external structure files.
    • Boundary markers: None identified in the provided instructions or configuration schema.
    • Capability inventory: Includes shell command execution, file system access, and network operations across the main script and walkthrough examples.
    • Sanitization: No explicit sanitization or validation of the PDB file contents is mentioned before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:09 PM