llm-data-automation
Fail
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and executes the official installation script for Ollama from its official domain (ollama.com) to facilitate local LLM model execution.
- [COMMAND_EXECUTION]: Provides instructions for running command-line tools to pull and run AI models through Ollama and to set up the development environment using pip.
- [PROMPT_INJECTION]: The skill facilitates data processing that is inherently susceptible to indirect prompt injection.
  - Ingestion points: Data is read from external Excel, CSV, and PDF files using the pandas and pdfplumber libraries as shown in the examples in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions provided to the model to ignore potential malicious commands embedded within the data files.
  - Capability inventory: The skill requests filesystem permissions and is designed to generate and execute Python code for data transformation tasks.
  - Sanitization: No sanitization or validation of the content within the processed files is documented in the provided code snippets.
Recommendations
- HIGH: Downloads and executes remote code from: https://ollama.com/install.sh - DO NOT USE without thorough review