diffdock
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The script scripts/prepare_batch_csv.py processes external CSV files provided by users, which is a potential entry point for malicious instructions aimed at the agent processing the data.
  - Ingestion points: The pd.read_csv(csv_path) call in scripts/prepare_batch_csv.py accepts external data files.
  - Boundary markers: None identified; the skill does not use specific delimiters or instructions to prevent the agent from following directions embedded in the CSV content.
  - Capability inventory: No dangerous capabilities like arbitrary command execution (eval, subprocess) or unauthorized network requests were detected in the provided scripts.
  - Sanitization: The script performs validation on chemical structure strings (SMILES) and verifies file paths, but it does not include sanitization against prompt-based attacks.
- [External Downloads] (SAFE): Documentation and environment scripts reference official scientific software repositories on GitHub and standard registries like PyPI. No automated downloads of untrusted scripts were found.
- [Data Exposure] (SAFE): No credentials, private keys, or sensitive local configuration paths (e.g., .aws/credentials) were detected in the skill's source files.
- [Obfuscation] (SAFE): No obfuscated code, zero-width characters, or multi-layer encoding was found.
Audit Metadata