exploring-data

Fail

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/analyze.sh is vulnerable to code injection because it interpolates the shell variable $DATAFILE directly into a Python heredoc using filepath = Path("$DATAFILE"). A malicious filename containing escape characters could allow for arbitrary Python code execution.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. Findings:
    1. Ingestion point: Untrusted data files in analyze.sh.
    2. Boundary markers: Absent in the output of summarize_insights.py.
    3. Capability inventory: Shell and Python execution in analyze.sh.
    4. Sanitization: Absent; the script summarize_insights.py extracts raw data patterns and presents them directly to the agent.
  • [EXTERNAL_DOWNLOADS]: The scripts/install_ydata.sh script installs the ydata-profiling library from the Python Package Index (PyPI). This is a well-known service and the installation is a standard requirement for the skill's operation.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 9, 2026, 11:16 PM