training-data
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's architecture for data labeling and augmentation processes untrusted text data, which presents an indirect prompt injection surface.
  - Ingestion points: Text data provided in `pd.DataFrame` objects is processed by Snorkel labeling functions and augmentation tools (SKILL.md).
  - Boundary markers: There are no delimiters or instructions provided to the processing logic to ignore embedded commands within the input data.
  - Capability inventory: The skill includes file writing via Python's built-in `open` function in the `export_for_labeling` utility (SKILL.md).
  - Sanitization: No input validation or escaping mechanisms are implemented to prevent malicious content in training data from influencing the agent's behavior.
Audit Metadata