data-viz-2025

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides patterns for 'AI-Enhanced Visualizations' that are vulnerable to Indirect Prompt Injection.
  • Ingestion points: Data objects are processed and sent to an LLM via generateInsight functions in SKILL.md and references/data-storytelling.md.
  • Boundary markers: The suggested prompt templates lack boundary markers (e.g., XML tags or clear delimiters) or explicit instructions for the model to disregard instructions embedded within the data.
  • Capability inventory: The skill environment grants the agent permissions to read, write, and execute shell commands (Bash), which could be leveraged if an injection succeeds.
  • Sanitization: The implementation examples do not include sanitization or validation of the data values before they are interpolated into the prompt string.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 01:24 PM