bio-expression-matrix-sparse-handling
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION)
Full Analysis
- [Dynamic Execution] (MEDIUM): Detected unsafe deserialization pattern in Python code.
  - Evidence: `loaded = np.load('counts_with_meta.npz', allow_pickle=True)` in file SKILL.md.
  - Risk: The `pickle` module is not secure against erroneous or maliciously constructed data. Enabling `allow_pickle` when loading data from potentially untrusted sources can lead to arbitrary code execution on the host machine.
- [Indirect Prompt Injection] (LOW): The skill possesses an ingestion surface for untrusted external data.
  - Ingestion points: File reading operations in SKILL.md including `pd.read_csv('counts.csv')`, `scipy.io.mmread('matrix.mtx')`, and `ad.read_h5ad('counts.h5ad')`.
  - Boundary markers: None. Data is loaded directly into memory objects.
  - Capability inventory: Matrix operations, file read/write. No network operations or shell access capabilities were detected in the scripts.
  - Sanitization: No validation or sanitization of file contents is performed before processing.
Audit Metadata