lammps-simulation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is exposed to indirect prompt injection by design. Ingestion points: Step 4 of the workflow has the agent use WebFetch to pull supplementary material and literature from the internet in order to find simulation parameters. Boundary markers: the skill gives no instruction to isolate that external content or to ignore instructions embedded in it. Capability inventory: the agent can run shell commands via Bash and modify files via Write and Edit. Sanitization: nothing retrieved from external sources is validated before it is used to build local scripts and commands, so a fetched page that carries instructions or crafted input-file content can steer the agent into the Bash, Write and Edit capabilities listed above.
- COMMAND_EXECUTION (MEDIUM): The skill runs a LAMMPS binary through the Bash tool, resolving the binary from the $LMP environment variable. Input files are generated from externally sourced data, which opens two injection paths. First, a LAMMPS input script is itself an execution vector: its `shell` command runs arbitrary commands through the system shell and its `python` command embeds code, so untrusted content written into the script is executed by LAMMPS. Second, if $LMP or generated file names are interpolated unquoted into the Bash command line, the shell evaluates whatever they contain.
- EXTERNAL_DOWNLOADS (LOW): The instructions suggest downloading interatomic potentials and parameter files from external sources. The NIST repository is named, but the skill also broadly encourages literature searches, which may lead the agent to untrusted or adversarial domains.
Recommendations
- AI detected serious security threats
Audit Metadata