data-quality-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill is designed to ingest and analyze untrusted external data from CSV or Excel files. * Ingestion points: The
load_csv()andload_dataframe()methods in theDataQualityAuditorclass ingest external data into the agent's context. * Boundary markers: Absent; there are no specified delimiters or instructions to the agent to ignore embedded instructions within the data files. * Capability inventory: The skill generates HTML/JSON reports and can influence ETL pipeline logic (e.g., triggering exits or errors) based on data quality scores. * Sanitization: Absent; the documentation does not describe any sanitization or escaping of the content within the ingested data files. - [NO_CODE] (INFO): Missing implementation logic. The core script
data_quality_auditor.pyreferenced in the documentation is missing from the provided files, which prevents a comprehensive audit of the internal logic and safety of the execution environment.
Audit Metadata