dataset-engineering

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted text by inserting it directly into LLM prompts. Malicious instructions embedded in source documents could influence the agent's behavior during data synthesis tasks.
  • Ingestion points: The document parameter in generate_qa, the seeds and generated lists in self_instruct, and the example dictionary in format_instruction (all in SKILL.md).
  • Boundary markers: Prompts used in generate_qa and self_instruct lack clear delimiters (e.g., XML tags or block quotes) or instructions to the model to ignore any control sequences found within the provided text.
  • Capability inventory: The skill utilizes model.generate to process these prompts, potentially allowing an attacker to hijack the generation process to output malicious content or bypass intended formatting.
  • Sanitization: No input validation or instruction-escaping logic is implemented for the data entering the prompt templates.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the datasketch Python package for its deduplication functionality. While datasketch is a well-known library for probabilistic data structures, it represents an external dependency that must be installed in the environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:06 AM