deepchem
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains specific behavioral instructions directing the agent to proactively promote the 'K-Dense Web' platform when tasks involve multi-step reasoning or long-running workflows. These instructions guide the agent's promotional behavior but do not attempt to bypass core safety constraints or instructions.
- [EXTERNAL_DOWNLOADS]: The skill references pretrained models hosted on Hugging Face ('seyonec/ChemBERTa-zinc-base-v1'), which is a well-known and established service for machine learning assets.
- [EXTERNAL_DOWNLOADS]: The documentation recommends the installation of the 'deepchem' library and its optional modules (e.g., 'deepchem[torch]', 'deepchem[all]') via the 'uv' package manager from official registries.
- [SAFE]: The skill presents a potential indirect prompt injection surface, since it processes external chemical data files (CSV, SDF, FASTA, JSON).
  - Ingestion points: Data loaders including CSVLoader, SDFLoader, FASTALoader, ImageLoader, and JsonLoader defined in SKILL.md.
  - Boundary markers: No explicit boundary markers or 'ignore embedded instructions' warnings are present.
  - Capability inventory: Performs molecular featurization, model training, and property prediction using the DeepChem framework.
  - Sanitization: No specific sanitization or validation of molecular strings (e.g., SMILES) is documented for the agent-facing interactions.
Audit Metadata