senior-data-engineer
Warn
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Use of dynamic code compilation. The script `scripts/pipeline_orchestrator.py` contains calls to the `compile()` function within the `validate` methods of the `AirflowGenerator`, `PrefectGenerator`, and `DagsterGenerator` classes. This function is used to check for syntax errors in generated pipeline code. While the code is compiled for validation rather than execution, runtime compilation of generated source code is a sensitive operation.
- [PROMPT_INJECTION]: Potential for indirect prompt injection due to processing untrusted data and queries.
  1. Ingestion points: Untrusted data enters the agent context through file reading operations in `scripts/data_quality_validator.py` (CSV, JSON, and JSONL data files), `scripts/etl_performance_optimizer.py` (SQL query files and data statistics JSON), and `scripts/pipeline_orchestrator.py` (pipeline configuration files).
  2. Boundary markers: Absent across all scripts.
  3. Capability inventory: File system writes are performed in `scripts/data_quality_validator.py` and `scripts/etl_performance_optimizer.py`. The `scripts/pipeline_orchestrator.py` script generates executable Python code and performs dynamic compilation using `compile()`.
  4. Sanitization: Absent; the skill relies on standard parsers without specific sanitization for embedded natural language instructions.