pyopenms
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [External Downloads] (MEDIUM): The skill requires the installation of the `pyopenms` Python package.
  - Evidence: Found `uv uv pip install pyopenms` in `SKILL.md`.
  - Risk: The package is downloaded from the public PyPI registry and is not from a source on the trusted organizations list, presenting a supply-chain risk. The command also contains a minor typo (`uv uv`).
- [Command Execution] (LOW): The skill provides shell commands and Python code for package installation and data processing.
  - Evidence: Multiple code blocks across `SKILL.md` and reference files.
  - Risk: Commands are standard for the library's functionality and do not exhibit suspicious behavior such as arbitrary execution from untrusted sources.
- [Indirect Prompt Injection] (LOW): The skill processes external mass spectrometry files (mzML, FASTA, etc.), which could theoretically contain malicious data intended to influence the agent.
  - Ingestion points: File loading functions like `ms.MzMLFile().load()`, `ms.FASTAFile().load()`, and `ms.IdXMLFile().load()` in `references/file_io.md`.
  - Boundary markers: None present in the code examples to delimit external data from agent instructions.
  - Capability inventory: File system access (read/write via `store` and `load` methods), data analysis, and result display to terminal.
  - Sanitization: No sanitization or validation logic for the content of the mass spectrometry files is provided in the snippets.
  - Risk: Since the skill primarily processes data for scientific analysis and does not make high-privilege decisions or external network calls based on the parsed file content, the risk is classified as low.
Audit Metadata