data-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data, which introduces an indirect prompt injection surface.
- Ingestion points: The skill reads
data.csvusing Pandas inSKILL.md. - Boundary markers: None provided to isolate data from instructions or ignore embedded commands.
- Capability inventory: Uses Python for analysis and has access to Bash for file operations.
- Sanitization: No input validation or filtering is performed on the ingested data content.
- [REMOTE_CODE_EXECUTION]: No remote code execution or suspicious package downloads were detected; the skill relies on standard data science libraries.
- [DATA_EXFILTRATION]: No patterns of data exfiltration or unauthorized access to sensitive local files were found.
Audit Metadata