pymatgen

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION] (LOW): Potential for indirect prompt injection via untrusted scientific data files.
      • Ingestion points: The scripts structure_analyzer.py and structure_converter.py use Structure.from_file() to ingest data from external files.
      • Boundary markers: No boundary markers or 'ignore' instructions are present to delimit data from instructions within the files.
      • Capability inventory: The skill is limited to scientific calculations, symmetry analysis, and file format conversion; it lacks high-risk capabilities like arbitrary command execution or external network exfiltration.
      • Sanitization: No sanitization is performed on internal file comments or metadata that might be processed by a downstream agent.
  • [CREDENTIALS_UNSAFE] (SAFE): The phase_diagram_generator.py script correctly retrieves the Materials Project API key from environment variables using os.environ.get('MP_API_KEY').
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 01:11 PM