
fold

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill handles authentication via a FASTFOLD_API_KEY stored in a local .env file. It guides the agent to help the user set up this file from a template while explicitly prohibiting the sharing or requesting of secrets in the chat interface.
  • [EXTERNAL_DOWNLOADS]: The skill downloads protein structure artifacts from artifacts.fastfold.ai. It includes a dedicated security_utils.py module that validates the host domain, enforces HTTPS, and checks file extensions to ensure data integrity during the download process.
  • [COMMAND_EXECUTION]: Local Python scripts are used to interact with the API using the standard library's urllib module. All user-supplied inputs, such as job IDs and base URLs, are strictly validated as UUIDs and sanitized before being incorporated into system calls or network requests.
  • [PROMPT_INJECTION]: The skill includes defensive instructions in SKILL.md that warn the agent to treat all API response data as untrusted content. This prevents the agent from interpreting fields like job names or sequence data as executable instructions, protecting against indirect prompt injection.
  • [DATA_EXFILTRATION]: Communication is limited to official vendor domains (api.fastfold.ai, artifacts.fastfold.ai). The skill scripts do not demonstrate any capability or intent to exfiltrate sensitive user data to unauthorized external locations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 06:27 PM