Skills
skills/awslabs/agent-plugins/dataset-transformation/Gen Agent Trust Hub

dataset-transformation

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill generates Python transformation scripts and then executes them locally using python3 to validate the logic against sample data. It also uses shell commands like aws s3 cp for data movement between local storage and S3 buckets.
  • [EXTERNAL_DOWNLOADS]: Fetches dataset format specifications and schema definitions from the official AWS documentation (docs.aws.amazon.com) to ensure the target formats are up to date.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it reads and processes untrusted data from user-provided datasets.
  • Ingestion points: Reads 1–2 sample records from user datasets (local or S3) using pd.read_json in SKILL.md (Step 5) and references/dataset_transformation_code.md.
  • Boundary markers: No specific delimiters or "ignore instructions" markers are applied when the agent reads or presents sample records from the data.
  • Capability inventory: The agent has the ability to write files (fs_write), execute shell commands (subprocess), and run generated Python code (python3).
  • Sanitization: There is no evidence of sanitization or content filtering for the data ingested from user datasets.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 02:51 PM