data-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection. * Ingestion points: Data is ingested from databases via
scripts/query.shand from CSV/Excel files viascripts/analyze_template.py. * Boundary markers: Absent. The skill does not implement delimiters or instructions to help the agent distinguish between data and commands. * Capability inventory: The skill allows for SQL execution and local file writing. * Sanitization: Absent. No validation or filtering is performed on external data before it enters the agent's context. - [COMMAND_EXECUTION]: Shell hygiene issue in
scripts/query.sh. Themysqlexecution path uses an unquoted$DB_CONNECTIONvariable. This could result in argument injection or shell expansion if a connection string containing spaces or metacharacters is used.
Audit Metadata