csv-data-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions that explicitly demand the agent ignore standard conversational protocols and safety filters. Phrases like '⚠️ CRITICAL BEHAVIOR REQUIREMENT ⚠️', 'DO NOT ASK THE USER WHAT THEY WANT', and 'NO questions, NO options, NO waiting for user input' are used to override the agent's default interactive and clarification behaviors.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted data from CSV files and processes it for display without sanitization or boundary markers.
  1. Ingestion points: pd.read_csv(file_path) in scripts/analyze.py.
  2. Boundary markers: Absent. No delimiters or 'ignore instructions' warnings are provided.
  3. Capability inventory: The skill can read local files (pd.read_csv) and write images to the filesystem (plt.savefig).
  4. Sanitization: Absent. Data is loaded directly into pandas and summarized for the agent context.
Audit Metadata