org-chart-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Processing] (SAFE): The skill handles structured data formats like CSV and JSON to create visualizations. While it ingests external data, its operations are confined to local file processing and chart generation.
- [Dependencies] (SAFE): It relies on well-known and trusted Python packages (graphviz and pandas).
- [Indirect Prompt Injection] (SAFE): The skill has a data ingestion surface through CSV and JSON files. While it does not execute instructions from this data, any tool processing external input has a theoretical surface for indirect prompt injection if the resulting visualization is later interpreted by an AI agent. 1. Ingestion points: from_csv() and from_json() methods in scripts/orgchart_gen.py. 2. Boundary markers: None explicitly defined in the API. 3. Capability inventory: File system read/write operations via pandas and graphviz. 4. Sanitization: Standard parsing via pandas/json libraries.
Audit Metadata