polars
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructs the user to install the 'polars' package using 'uv pip install polars'. Although Polars is a reputable library, it is an external dependency not found on the predefined trusted source list. The severity is lowered to LOW because installation is required for the skill's primary purpose.
- PROMPT_INJECTION (SAFE): The skill's primary function is to process untrusted data files, creating a surface for indirect prompt injection. 1. Ingestion points:
read_csv,scan_csv,read_parquet, andread_jsoninSKILL.mdandcore_concepts.md. 2. Boundary markers: None identified. 3. Capability inventory: Data transformation and file/cloud I/O. 4. Sanitization: Absent. Severity is reduced to SAFE as this risk is inherent to the skill's primary data analysis purpose. - NO_CODE (SAFE): No executable scripts or binaries are distributed within the skill; it contains only markdown documentation and code snippets for use by the agent.
Audit Metadata