skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/project-kpi-dashboard/Gen Agent Trust Hub
project-kpi-dashboard
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external data files.
- Ingestion points: The skill ingests data from user-provided file paths or direct input as defined in the instructions.md file.
- Boundary markers: Absent. There are no defined delimiters or specific instructions for the agent to ignore or isolate embedded instructions within the ingested data.
- Capability inventory: The skill uses the pandas library for data manipulation and includes methods for generating summaries and exporting data, which could be leveraged if malicious instructions in the data are processed.
- Sanitization: Absent. No evidence of data validation or instruction filtering exists to mitigate risks from malicious content embedded in user-supplied files.
Audit Metadata