data-storytelling-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it is designed to ingest user-supplied datasets and metadata to generate narrative summaries and visualization code. The instructions lack explicit boundary markers or sanitization requirements to isolate this external data from the agent's core logic.\n
- Ingestion points: Dataset structures, variables, and audience context processed in SKILL.md.\n
- Boundary markers: Absent; the system instructions do not specify the use of delimiters (e.g., XML tags or triple quotes) to separate data from instructions.\n
- Capability inventory: The skill generates and provides Python (Matplotlib, Seaborn, Plotly) and R (ggplot2) code snippets (SKILL.md, step 4).\n
- Sanitization: Absent; no steps are provided to validate or escape data content before it is interpolated into narrative insights or code comments.
Audit Metadata