analyze
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection Surface: The skill processes user questions and external data files (CSV, Excel, SQL results). While no malicious patterns were detected, the handling of external content is an inherent part of the data analysis process.
- Ingestion points:
SKILL.md(natural language questions, database results, file uploads) - Boundary markers: Absent in provided instructions
- Capability inventory:
SKILL.md(SQL query execution, Python visualization generation) - Sanitization: Focused on data quality checks (Step 4)
- Dynamic Code and Query Generation: As part of its core functionality, the skill generates SQL and Python code. This behavior is expected for a data analysis tool and supports its primary analytical purpose.
Audit Metadata