data-pipeline-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill architecture creates an ingestion surface for potentially malicious data.\n
- Ingestion points: External data sources include S3 buckets and Kafka topics as defined in
references/airflow-dag.pyandreferences/spark-streaming.py.\n - Boundary markers: No specific delimiters or security headers are utilized to isolate untrusted data during processing.\n
- Capability inventory: The skill allows
Bashexecution (dbt, spark-submit, airflow, python) and file system writes.\n - Sanitization: No content-level sanitization is performed on ingested data to detect embedded LLM instructions.\n- Command Execution (SAFE): Bash tool access is properly scoped to legitimate data engineering tools in
SKILL.md.\n- Data Exposure (SAFE): References to S3 buckets and email addresses are generic examples and do not leak credentials.
Audit Metadata