fluidsim
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): Ingestion of external simulation data presents a vulnerability surface.
  1. Ingestion points: load_sim_for_plot, load_state_phys_file, and os.listdir in output_analysis.md and advanced_features.md.
  2. Boundary markers: Absent.
  3. Capability inventory: Cluster job submission (cluster.submit_script), MPI subprocess execution (mpirun), and file system write operations.
  4. Sanitization: Absent.
- [Dynamic Execution] (MEDIUM): The skill demonstrates generating Python scripts at runtime for submission to compute clusters using f-string templates in advanced_features.md. This pattern is susceptible to code injection if variable components (e.g., parameter names or values) are derived from untrusted agent inputs.
- [Command Execution] (LOW): The documentation includes instructions for executing parallel simulations via mpirun, involving standard subprocess creation and management.
Audit Metadata