single2spatial-spatial-mapping

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions to load model weights from .pth files via st_model.load. These files typically employ Python's pickle serialization, which can lead to arbitrary code execution if the file originates from an untrusted source.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its data loading workflow.
      ◦ Ingestion points: Data is ingested via pd.read_csv from external CSV files containing expression matrices and metadata.
      ◦ Boundary markers: None. The instructions do not include markers or warnings to prevent the agent from interpreting data content as instructions.
      ◦ Capability inventory: The skill possesses capabilities for file system writes (write_h5ad) and complex visualization, which could be exploited following a successful injection.
      ◦ Sanitization: The skill lacks any input validation or sanitization routines for the data processed from external files.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 09:41 AM