data-visualizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes user-supplied data for visualization, which serves as a surface for indirect prompt injection. * Ingestion points: Processes user-provided data inputs to generate charts and dashboards as described in the README and common tasks. * Boundary markers: No specific delimiters, framing, or safety warnings for ignoring embedded instructions are defined in the skill files. * Capability inventory: The manifest.yaml indicates the skill has the authority to modify files and create artifacts in the project environment. * Sanitization: No explicit data sanitization or validation logic is present in the provided skill definition.
- [Prompt Injection] (SAFE): No direct prompt injection patterns or instructions to override agent behavior were detected in the instructions or metadata.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive local files or unauthorized network exfiltration patterns found.
- [Remote Code Execution] (SAFE): No remote scripts are downloaded or executed; the skill recommends standard, reputable libraries for local use.
- [Obfuscation] (SAFE): All content is in plain text with no hidden or encoded sections.
Audit Metadata