dask
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No evidence of instructions attempting to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly informational and task-oriented.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. The mentioned I/O operations (read_csv, read_parquet) are standard for the tool's intended data processing purpose.
- Obfuscation (SAFE): No encoded content, zero-width characters, homoglyphs, or other obfuscation techniques were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not perform any package installations or remote script executions. It refers to standard, well-known Python libraries (Dask, Pandas, NumPy).
- Privilege Escalation (SAFE): No commands for acquiring elevated permissions (e.g., sudo, chmod) are present.
- Persistence Mechanisms (SAFE): No attempts to modify system configurations or create persistent tasks were detected.
- Metadata Poisoning (SAFE): The metadata (name, description, version) accurately reflects the skill's content without deceptive instructions.
- Indirect Prompt Injection (SAFE): While the skill is designed to process external data files (CSVs, Parquet), it contains no logic that would make it vulnerable to indirect injection beyond the inherent risks of processing external data, which are managed by the underlying LLM's guardrails.
- Dynamic Execution (SAFE): No runtime code generation, unsafe deserialization, or library injection patterns were found.
Audit Metadata