fluidsim
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands for simulation management, specifically using mpirun for parallel computing and uv pip for package installation. It also generates Python scripts dynamically to facilitate cluster job submissions through the fluiddyn cluster interface.
- [EXTERNAL_DOWNLOADS]: The skill downloads the fluidsim package and its scientific dependencies from official package registries during setup.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of simulation output files.
- Ingestion points: The agent reads and interprets data from HDF5 (.h5) files and simulation directories using functions like load_sim_for_plot and load_state_phys_file in references/output_analysis.md.
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are used when loading external simulation data.
- Capability inventory: The skill possesses significant capabilities, including shell command execution (mpirun), file system writes, and the ability to generate and submit scripts for execution on compute clusters.
- Sanitization: There is no evidence of sanitization or structural validation for the content loaded from external simulation files before it is processed by the agent.
Audit Metadata