bears-workflows
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with the OpenRouter API (https://openrouter.ai) to facilitate LLM-driven optimization. OpenRouter is a well-known service for accessing various AI models and is used here for legitimate experimental parameter suggestions.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests measurements from external hardware (camera images and balance data) which are then interpolated into LLM prompts.
  - Ingestion points: Camera images processed via `scripts/image_processing.py` and gravimetric data from a mass balance described in `references/viscosity-optimization.md`.
  - Boundary markers: Not present in the prompt templates within `scripts/optimizers.py`.
  - Capability inventory: Automated liquid handling protocol execution on Opentrons OT-2 hardware and local command execution via `uv run`.
  - Sanitization: Measurements are validated and cast to numeric types (int/float) before being formatted into strings for prompt interpolation.
- [COMMAND_EXECUTION]: The documentation describes using the `uv` package manager to run a local bridge service (edge/balance.py) to handle serial communication with a mass balance. This is a standard operational requirement for the skill's laboratory use case.
- [SAFE]: The skill demonstrates a high security posture by utilizing environment variables for the `OPENROUTER_API_KEY` and `ROBOT_IP`, and it includes explicit rules preventing the agent from asking the user to reveal secrets in the chat.
Audit Metadata