bulk-rna-seq-batch-correction-with-combat

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to load data using pd.read_pickle() in both SKILL.md (Instruction 2) and reference.md. This function is inherently insecure because it uses the Python pickle module for deserialization, which can execute arbitrary code if a maliciously crafted file is supplied as input.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its data ingestion patterns.
    • Ingestion points: Files are loaded via pd.read_pickle and pd.read_csv in SKILL.md and reference.md.
    • Boundary markers: None identified; there are no instructions to ignore embedded commands in the input data.
    • Capability inventory: The skill can execute code via pickle and performs file write operations (to_csv, write_h5ad) in reference.md.
    • Sanitization: No validation or sanitization of the input data structure or content is performed before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 10:43 AM