labarchive-integration
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to download and install a Python library (labarchives-py) from a personal GitHub repository (github.com/mcmero/labarchives-py) that is not part of the trusted vendors list or a well-known organization.
- [REMOTE_CODE_EXECUTION]: By installing a library from an unverified external source and subsequently importing it into the skill's scripts, the agent creates a path for executing arbitrary code from that repository.
- [CREDENTIALS_UNSAFE]: The skill's configuration process involves storing sensitive API credentials and "external application passwords" in a local config.yaml file. While the setup script attempts to set restrictive file permissions (600), storing secrets in plaintext on the file system is a risk.
- [COMMAND_EXECUTION]: The skill provides multiple Python scripts (setup_config.py, entry_operations.py, notebook_operations.py) designed to be executed via the command line to perform API operations.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface.
  - Ingestion points: Processes data from the LabArchives API (notebook content, entries, comments) within scripts/notebook_operations.py and scripts/entry_operations.py.
  - Boundary markers: None identified in the provided code to distinguish between data and instructions.
  - Capability inventory: The skill can create notebook entries, add comments, and upload attachments using the LabArchives API.
  - Sanitization: No sanitization or validation of the data retrieved from the API is performed before it is processed by the scripts.
Audit Metadata