bulk-rna-seq-batch-correction-with-combat

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Use of unsafe deserialization via pandas.read_pickle.
      • Both SKILL.md and reference.md instruct the user to load datasets using pd.read_pickle() (e.g., dataset_1 = pd.read_pickle('data/combat/GSE18520.pickle')).
      • Python's pickle module is inherently insecure and can result in arbitrary code execution when loading untrusted data. A malicious actor providing a crafted pickle file could compromise the system running the agent.
  • [PROMPT_INJECTION]: Vulnerability to indirect prompt injection through external data ingestion.
      • Ingestion points: The skill reads user-provided expression tables and pickled matrices using pd.read_pickle and pd.read_csv, as described in SKILL.md and demonstrated in reference.md.
      • Boundary markers: There are no instructions to use delimiters or to ignore instructions embedded within the processed data files.
      • Capability inventory: The skill includes file-writing capabilities such as adata.write_h5ad('adata_batch.h5ad', compression='gzip') and raw.to_csv('raw_data.csv').
      • Sanitization: The skill lacks any steps for sanitizing or validating the content of the input CSV or pickle files before they are processed and used for downstream analysis.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Mar 10, 2026, 10:02 AM