correlation-explorer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Analysis Utility] (SAFE): The skill implements standard statistical methods (Pearson, Spearman, Kendall) using reputable libraries. It operates on local files provided by the user and does not attempt network communication or unauthorized file access.
- [Dependencies] (SAFE): All identified dependencies (pandas, numpy, scipy, matplotlib, seaborn) are standard, well-maintained packages in the Python ecosystem.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from CSV and Excel files. 1. Ingestion points: load_csv and load_dataframe methods. 2. Boundary markers: Absent, as the tool is designed for numeric analysis rather than natural language processing. 3. Capability inventory: The skill reads local files and writes output files (plots and CSVs); it lacks network access, subprocess execution, or dynamic code execution capabilities. 4. Sanitization: Relies on standard pandas parsing which is robust against typical injection attempts when treated as numeric data.
Audit Metadata