skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/weather-impact-scheduler/Gen Agent Trust Hub
weather-impact-scheduler
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data files such as CSV or Excel which creates a surface for indirect prompt injection where malicious instructions in the data could be interpreted by the agent.
- Ingestion points: Input data files or direct user input as described in instructions.md.
- Boundary markers: The skill does not implement explicit boundary markers to isolate processed data from the prompt.
- Capability inventory: File system write access via the pandas to_excel method in SKILL.md.
- Sanitization: No code-level sanitization for prompt injection patterns is present in the data processing logic.
Audit Metadata