skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/data-visualization/Gen Agent Trust Hub
data-visualization
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides legitimate visualization functionality for construction projects. It uses well-known Python libraries (Pandas, Matplotlib, Seaborn, Plotly) to generate charts, heatmaps, and dashboards.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to ingest and process untrusted external data from CSV, Excel, and JSON files.
- Ingestion points: The skill loads data from user-provided files (e.g., project_data.xlsx) as described in instructions.md and SKILL.md.
- Boundary markers: No explicit delimiter markers or 'ignore instructions' warnings are specified for the ingested data content.
- Capability inventory: The skill includes filesystem read and write capabilities (e.g., pd.read_excel, plt.savefig, os.makedirs) to process data and save report files.
- Sanitization: The instructions.md file contains a constraint to 'Validate inputs before processing' as a basic security measure.
Audit Metadata