Protein Struct Viz

This skill appears to do what it says (generate PyMOL scripts), but exercise caution before installing or running generated scripts. What to consider before using: - Do NOT run .pml files produced from untrusted inputs without inspection. The generator inserts user-provided residue specs directly into the script, so malicious text could inject PyMOL commands. - Restrict the output path: the tool writes the provided filename verbatim. Avoid running it with untrusted output paths and ensure the filename is normalized and confined to a safe workspace (prevent '../' escapes). - Validate inputs: only allow residue specs that match a safe pattern (example regex idea: ^(?:(?:[A-Za-z]|\*)?:)?\d{1,5}(?::[A-Z]{3})?$ with explicit handling of wildcards) and disallow characters like semicolons, newline, backticks, or other shell/command delimiters. Sanitize color names and style choices against allowed lists. - Review generated .pml before executing in PyMOL, and avoid executing scripts from unknown sources. Look for unexpected commands (e.g., system calls or file manipulation commands) inserted into the file. - Be aware that the generated scripts may include 'fetch <pdb_id>' which triggers network downloads when run inside PyMOL; if that is a privacy or network policy concern run PyMOL in an environment where network access is controlled. - If you plan to adopt this skill into automated workflows, either add input sanitization and path normalization to scripts/main.py or run the generator in a sandbox/VM and only transfer inspected outputs into production systems. If you want, I can provide a safe-sanitizing wrapper for this script (validate residue specs, restrict output path to workspace, and whitelist style/color inputs) or specific regex patterns and filename normalization code to reduce these risks.