structure-prediction-boltz-2

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the 'boltz' package from the Python Package Index (PyPI). Boltz is a well-known open-source tool for biomolecular structure prediction developed by Genesis Therapeutics.
  • [COMMAND_EXECUTION]: The skill uses 'subprocess.Popen' to invoke the 'boltz' command-line tool. It passes arguments as a list (e.g., ['boltz', 'predict', input_file, ...]), which is a secure practice that prevents shell injection vulnerabilities.
  • [COMMAND_EXECUTION]: The Python snippets pass 'self.env' to the subprocess environment. While this shares the current environment variables with the 'boltz' process, it is standard for local scientific tools that may require access to CUDA or library paths defined in the environment.
  • [SAFE]: The skill processes biological sequences and SMILES strings provided as input. It uses 'yaml.dump' to generate configuration files, ensuring that the structured data is properly formatted and preventing injection into the YAML schema.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 06:02 AM