networkx
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documents the use of `pickle.load()` and `nx.read_gpickle()` for serializing and deserializing graph objects in `references/io.md`. Deserialization with the `pickle` module is an unsafe operation that can lead to arbitrary code execution if the input files originate from an untrusted source.
- [DATA_EXFILTRATION]: The skill provides numerous methods for reading from and writing to the local file system and SQL databases, as documented in `references/io.md`. These capabilities allow the agent to access and move potentially sensitive data between different files, databases, and its memory.
- [PROMPT_INJECTION]: The skill features a broad interface for ingesting external data (CSV, JSON, GraphML, SQL, and others), which introduces a surface for indirect prompt injection.
  - Ingestion points: Numerous functions in `references/io.md` such as `read_edgelist`, `read_graphml`, and `from_pandas_edgelist`.
  - Boundary markers: Absent from the documented examples and instructions.
  - Capability inventory: File system writes, SQL database interaction, and execution of visualization tools (matplotlib, plotly).
  - Sanitization: No sanitization or validation of input data is required or demonstrated.
- [EXTERNAL_DOWNLOADS]: The skill suggests the installation of the `networkx` library and its optional dependencies (such as matplotlib, scipy, and pandas) from standard package registries.
Audit Metadata