data-storyteller
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and interpret content from external data files (CSV, Excel, etc.), which represents a potential surface for indirect prompt injection if the data contains malicious instructions.
- Ingestion points: Data is loaded via the
DataStorytellerclass from files likesales_data.csvas shown inSKILL.md. - Boundary markers: The documentation does not specify the use of delimiters or 'ignore embedded instructions' warnings for the LLM when processing row content.
- Capability inventory: The skill generates narrative summaries and recommendations, implying the LLM reads and interprets data values.
- Sanitization: No explicit sanitization or filtering of data content is mentioned in the provided documentation.
- [Unverifiable Dependencies] (SAFE): The skill uses industry-standard Python libraries for data science (pandas, numpy, etc.). All dependencies listed in
scripts/requirements.txtare well-known, versioned, and hosted on standard registries.
Audit Metadata