kpi-calculator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted CSV data and possesses powerful capabilities including Bash and code execution, creating a potential surface for indirect injection.
- Ingestion points: User-provided annual cumulative CSV data.
- Boundary markers: Absent; the prompt does not define specific delimiters for the data input.
- Capability inventory: Read, Grep, Bash, and mcp__ide__executeCode.
- Sanitization: No explicit sanitization or instruction-ignoring logic is defined for the CSV processing.
- [Command Execution] (SAFE): The skill requires Bash and code execution tools (
mcp__ide__executeCode) to perform complex data aggregation and mathematical calculations as per its primary purpose. These tools are used locally and are not directed at external or sensitive system resources in the provided instructions.
Audit Metadata