data-validator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted CSV data from users, which could contain malicious instructions intended to influence the AI's behavior.
  - Ingestion points: `Read your_data_file.csv` in the '工具使用指南' (Tool Usage Guide) section.
  - Boundary markers: Absent. The instructions do not specify delimiters or warnings to treat the CSV content strictly as data.
  - Capability inventory: `Bash` (can execute system commands), `Read` (can access local files), and `Grep` (can search file contents).
  - Sanitization: Absent. There is no logic provided to escape or filter content before processing.
- Command Execution (SAFE): The skill uses `Bash` to run legitimate local validation commands like `pnpm run validate-data` and `file -I`. These are restricted to the local environment and the primary purpose of the skill.
- Data Exposure (SAFE): The skill reads internal project documentation (`data_architecture.md`) and source code (`insurance.ts`) to establish validation rules. This is necessary for its intended function and does not involve external exfiltration.