skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/daily-report-generator/Gen Agent Trust Hub
daily-report-generator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches weather data from the official OpenWeatherMap API and retrieves construction data from Google Sheets using the gspread library.\n- [COMMAND_EXECUTION]: Executes Python code to process site data and generate PDF reports using the reportlab and pandas libraries.\n- [DATA_EXFILTRATION]: Distributes the generated reports to external stakeholders via email and Telegram channels as part of the core reporting workflow.\n- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through the processing of external data sources.\n
- Ingestion points: Reads data from local Excel files (timesheet.xlsx, tasks.xlsx) and Google Sheets (Tasks and Workers worksheets).\n
- Boundary markers: Lacks delimiters or specific instructions to ignore embedded commands in the source data during aggregation.\n
- Capability inventory: Possesses network access for API calls, file system access for report generation, and automated messaging capabilities for distribution.\n
- Sanitization: No validation or sanitization of input data is performed before interpolation into the report generation logic.
Audit Metadata