pylabrobot
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (LOW): The skill documentation suggests installing the
pylabrobotpackage via pip (uv pip install pylabrobot). While this is the core library required for the skill's purpose, it is an external dependency from a source not included in the pre-defined trusted organizations list. The severity is reduced from MEDIUM to LOW as it is the primary intended dependency.\n- [Indirect Prompt Injection] (LOW): The skill processes data from analytical equipment which could serve as an attack surface for indirect prompt injection.\n - Ingestion points: Data is ingested via
PlateReader.read_absorbanceas shown inSKILL.md.\n - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided snippets.\n
- Capability inventory: The skill possesses significant capabilities, including physical control of liquid handling robots, centrifuges, and incubators.\n
- Sanitization: No sanitization or validation of the analytical data is implemented before it enters the agent context.\n- [Command Execution] (SAFE): The skill uses Python to interface with laboratory hardware. While this involves executing commands that affect the physical world, this behavior is the explicitly stated and intended purpose of the skill.
Audit Metadata