pydeseq2

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (REMOTE_CODE_EXECUTION)
Full Analysis
  • [Dynamic Execution] (MEDIUM): The documentation explicitly encourages the use of Python's pickle module for data persistence via the to_picklable_anndata() method.
  • Evidence: In references/api_reference.md, a code snippet demonstrates the use of pickle.dump() to save analysis results.
  • Risk: Although saving data with pickle.dump() is safe in itself, this documentation implicitly guides users toward pickle.load() for data retrieval. The pickle module is notoriously insecure: loading a maliciously crafted file can execute arbitrary code. The absence of any security warning for this pattern is a notable risk in an AI agent skill context.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 12:46 PM