Back to skill

Security audit

Pseudotime Trajectory Viz

Security checks across malware telemetry and agentic risk

Overview

This is a local single-cell analysis skill that reads a user-provided AnnData file and writes expected local results, with no evidence of hidden access, exfiltration, persistence, or destructive behavior.

Install in an isolated Python environment, use only AnnData files you are allowed to analyze, and send outputs to a controlled directory. Review generated CSV, JSON, plots, and .h5ad files before sharing because they may include cell IDs, annotations, or sample-derived metadata. Treat automatically inferred roots, lineages, and pseudotime values as exploratory results requiring biological validation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (11)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill explicitly instructs execution of `scripts/main.py` and documents creation of multiple output files, yet it does not declare corresponding permissions or constraints. This mismatch can cause agents or reviewers to underestimate filesystem side effects, increasing the risk of unintended writes or misuse if the script handles paths unsafely.

Intent-Code Divergence

Medium
Confidence
78% confidence
Finding
The audit-ready command uses free text for `--input` even though the rest of the skill defines `--input` as a path to an AnnData `.h5ad` file. This contradiction can lead users or agents to invoke the script in an unsupported mode, which is dangerous because input validation assumptions may fail and the code may process arbitrary strings or unexpected data paths.

Vague Triggers

Medium
Confidence
71% confidence
Finding
The activation guidance includes broad phrases such as using the skill for general data analysis tasks with reproducible outputs, which expands its apparent scope beyond pseudotime trajectory analysis. Over-broad routing guidance can cause an agent to select and run this skill on incompatible inputs, increasing the chance of unsafe execution, incorrect file handling, or misleading analytical output.

Unpinned Dependencies

Low
Category
Supply Chain
Content
scanpy>=1.9.0
anndata>=0.8.0
matplotlib>=3.5.0
seaborn>=0.12.0
Confidence
92% confidence
Finding
scanpy>=1.9.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
scanpy>=1.9.0
anndata>=0.8.0
matplotlib>=3.5.0
seaborn>=0.12.0
numpy>=1.21.0
Confidence
92% confidence
Finding
anndata>=0.8.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
scanpy>=1.9.0
anndata>=0.8.0
matplotlib>=3.5.0
seaborn>=0.12.0
numpy>=1.21.0
pandas>=1.3.0
Confidence
92% confidence
Finding
matplotlib>=3.5.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
scanpy>=1.9.0
anndata>=0.8.0
matplotlib>=3.5.0
seaborn>=0.12.0
numpy>=1.21.0
pandas>=1.3.0
scipy>=1.7.0
Confidence
92% confidence
Finding
seaborn>=0.12.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
anndata>=0.8.0
matplotlib>=3.5.0
seaborn>=0.12.0
numpy>=1.21.0
pandas>=1.3.0
scipy>=1.7.0
scikit-learn>=1.0.0
Confidence
95% confidence
Finding
numpy>=1.21.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
matplotlib>=3.5.0
seaborn>=0.12.0
numpy>=1.21.0
pandas>=1.3.0
scipy>=1.7.0
scikit-learn>=1.0.0
Confidence
94% confidence
Finding
pandas>=1.3.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
seaborn>=0.12.0
numpy>=1.21.0
pandas>=1.3.0
scipy>=1.7.0
scikit-learn>=1.0.0
Confidence
94% confidence
Finding
scipy>=1.7.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
numpy>=1.21.0
pandas>=1.3.0
scipy>=1.7.0
scikit-learn>=1.0.0
Confidence
95% confidence
Finding
scikit-learn>=1.0.0

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.