skills/dtyq/magic/data-qa/Gen Agent Trust Hub

data-qa

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE (findings: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the run_python_snippet tool to execute dynamically generated Python code for data processing and analysis.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading external data files and incorporating that information into code generation tasks.
    • Ingestion points: The skill uses read_files and pd.read_csv to ingest data from CSV and Excel files.
    • Boundary markers: There are no specific instructions or delimiters provided to ensure the agent ignores instructions embedded within the data.
    • Capability inventory: The agent has access to the run_python_snippet tool to execute code.
    • Sanitization: The instructions do not include steps to sanitize or validate the content of the data files before they are processed.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 02:38 AM