senior-data-scientist
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains standard documentation and Python templates for data science. No obfuscation, data exfiltration, or malicious commands were found.
- [COMMAND_EXECUTION]: The skill documentation mentions common development and DevOps commands (e.g., pytest, docker, kubectl) for managing ML pipelines. These are used in a standard context and do not pose a security risk in this implementation.
- [DATA_EXFILTRATION]: The provided scripts define file system input and output paths but do not contain any logic for unauthorized data access or network transmission.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by processing external data via command-line arguments. However, as the current implementation is purely boilerplate, no exploitable vulnerability is present.
  1. Ingestion points: scripts/experiment_designer.py, scripts/feature_engineering_pipeline.py, scripts/model_evaluation_suite.py (input path arguments).
  2. Boundary markers: Absent.
  3. Capability inventory: Local file system access.
  4. Sanitization: Not implemented.
Audit Metadata