Skills
skills/congdon1207/agents.md/senior-data-scientist/Gen Agent Trust Hub

senior-data-scientist

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is designed to ingest and process untrusted external data and configuration files which can lead to adversarial influence over high-privilege downstream tasks.
  • Ingestion points: Processes external datasets via --input data/ and configuration via --config config.yaml.
  • Boundary markers: No delimiters or instructions to ignore embedded commands are specified for the input data processing.
  • Capability inventory: Possesses wide-ranging capabilities including Python script execution, Docker image building (docker build), and Kubernetes cluster management (kubectl apply, helm upgrade).
  • Sanitization: No sanitization or validation logic is mentioned for the external content before it is used in the pipeline.
  • [Command Execution] (MEDIUM): The skill provides instructions for the agent to execute multiple local Python scripts and system-level commands (Docker, Kubectl).
  • Evidence: References to scripts/experiment_designer.py, scripts/train.py, and scripts/health_check.py indicate a dependency on local executable logic.
  • [No Code Provided] (INFO): The provided content consists only of the SKILL.md file. All referenced Python scripts, Kubernetes manifests, and reference documentation files mentioned in the markdown were not provided for security auditing. The actual behavior of these components is unverifiable.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:39 PM