senior-data-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Core functionality analysis. The skill provides educational content and utility scripts for managing production data pipelines. All included Python scripts (data_quality_validator.py, etl_performance_optimizer.py, pipeline_orchestrator.py) use standard libraries to process local files and do not engage in network communications or access sensitive system resources.
- [SAFE]: Static analysis of code generation tools. The scripts/pipeline_orchestrator.py script employs the compile() function to verify the syntax of generated orchestration code (Airflow, Prefect, Dagster). The compiled objects are not executed, ensuring that the script acts only as a validator and not as an execution engine for arbitrary code.
- [SAFE]: Data ingestion and indirect prompt injection surface. The utility scripts ingest user-provided data files, schemas, and contracts. While this forms a surface for processing untrusted data, the tools are designed for diagnostic and generation tasks with limited capabilities, preventing standard exfiltration or command execution attacks.
- Ingestion points: scripts/data_quality_validator.py, scripts/etl_performance_optimizer.py, scripts/pipeline_orchestrator.py.
- Capability inventory: Local file operations and standard output; no network access or privilege escalation mechanisms.
- Sanitization: Use of yaml.safe_load() and standard structured data parsers.
Audit Metadata