labarchive-integration

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH

Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs users to install the labarchives-py package directly from an untrusted personal GitHub repository (github.com/mcmero/labarchives-py) instead of a verified organization or the official PyPI registry.
  • REMOTE_CODE_EXECUTION (HIGH): The skill executes code from the unverified labarchivespy library. Since the installation source is untrusted, this allows for arbitrary code execution if the repository contains malicious logic or is compromised.
  • CREDENTIALS_UNSAFE (HIGH): The scripts/setup_config.py script prompts users for high-privilege credentials, including institutional access passwords and user passwords, and stores them in plain text in config.yaml. This creates a local target for credential theft and potential exposure if an AI agent reads or leaks the file content.
  • PROMPT_INJECTION (MEDIUM): The skill is vulnerable to indirect prompt injection (Category 8). It ingests untrusted external data (notebook entries, comments, and file attachments) and stores them locally via scripts/notebook_operations.py. If a downstream agent or process analyzes these backups, malicious instructions embedded in the LabArchives content could influence subsequent agent behavior.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 10:16 PM