Skills
skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/cost-prediction/Gen Agent Trust Hub

cost-prediction

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process user-supplied historical construction datasets in CSV or Excel formats to train ML models. \n
  • Ingestion points: Data is loaded through pd.read_csv() as shown in the SKILL.md code samples and mentioned in instructions.md. \n
  • Boundary markers: The instructions do not specify any delimiters or safety prompts to prevent the agent from being influenced by malicious instructions embedded within the training data. \n
  • Capability inventory: The skill possesses filesystem permissions to read datasets and save serialized model files. \n
  • Sanitization: No sanitization or validation logic is defined for the input data before it is used for feature engineering and model training.\n- [DYNAMIC_EXECUTION]: The skill implements model persistence using the joblib library, which is a standard approach in Python for saving and loading scikit-learn models. \n
  • Evidence: SKILL.md includes functions save_model and load_model which utilize joblib.dump() and joblib.load(). \n
  • Risk: joblib.load() internally uses Python's pickle module. This poses a potential risk of arbitrary code execution if a user provides a malicious or tampered .pkl model file. However, this is a core intended functionality of the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 04:28 AM