data-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The utility script
scripts/query.shfacilitates the execution of SQL commands through system-level database clients includingsqlite3,psql, andmysql. This capability allows the agent to query and manipulate data in configured databases as part of its primary function. - [COMMAND_EXECUTION]: The initialization script
scripts/data-init.shperforms workspace setup by creating directories and generating template files usingmkdir,cat, andchmod. These operations are localized to the user's home directory. - [SAFE]: The skill manages an attack surface for indirect prompt injection through the ingestion of external data files and database outputs. Ingestion points: CSV and Excel file processing in
scripts/analyze_template.pyand database result processing inscripts/query.sh. Boundary markers: Absent; the skill does not explicitly differentiate between data content and potential embedded instructions. Capability inventory: The skill can execute database queries and perform filesystem writes within its designated workspace. Sanitization: No specific sanitization or validation logic for external data inputs was identified in the provided templates.
Audit Metadata