The Agent Skills Directory

EXTERNAL_DOWNLOADS (MEDIUM): The skill instructions (SKILL.md) and setup scripts require the installation of the 'labarchives-py' package from an untrusted GitHub repository (https://github.com/mcmero/labarchives-py). This source is not among the trusted organizations or official registries, representing a potential supply chain vulnerability.\n- CREDENTIALS_UNSAFE (LOW): The 'scripts/setup_config.py' script is designed to prompt users for institutional API keys and personal account passwords, which are then stored in 'config.yaml'. While the script attempts to set restrictive file permissions (chmod 600), the storage of cleartext credentials in the local environment is a security risk if the system is compromised.\n- COMMAND_EXECUTION (LOW): The skill relies on the execution of multiple local Python scripts ('setup_config.py', 'notebook_operations.py', 'entry_operations.py') to perform its core functions. These scripts handle sensitive data and perform network requests to the LabArchives API.

labarchive-integration