vaex
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTIONEXTERNAL_DOWNLOADSSAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process large external datasets (CSV, HDF5, Parquet, Arrow) using
vaex.open()andvaex.from_csv(). This creates a surface for indirect prompt injection, where an attacker could embed malicious instructions within a dataset to influence the agent's interpretation or subsequent actions. - Ingestion points:
vaex.open()andvaex.from_csv()inSKILL.mdandreferences/core_dataframes.md. - Boundary markers: No specific boundary markers or 'ignore' instructions for data content are provided in the skill documentation.
- Capability inventory: The skill allows for data aggregation, statistical analysis, visualization, and file export (e.g.,
export_hdf5). It does not explicitly call for arbitrary shell command execution or system-level modifications. - Sanitization: No data sanitization or validation logic is defined within the skill instructions.
- Data Exposure & Exfiltration (LOW): The skill description mentions support for 'Server and remote data access'. While useful for distributed data, this implies the capability to perform network operations to non-whitelisted domains for data retrieval.
- External Downloads (INFO): The skill references
vaex.example(), which downloads sample datasets from external repositories. While these are part of the legitimate Vaex library, users should be aware of runtime data fetching.
Audit Metadata