senior-data-scientist
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions designed to override agent safety protocols or system prompts. Instructions are focused on data science tasks and best practices.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets, sensitive credentials, or network exfiltration patterns were identified in the scripts or documentation.
- [Remote Code Execution] (SAFE): No external scripts are downloaded or executed. The provided Python files are local and contain no remote fetch logic.
- [Indirect Prompt Injection] (LOW): (1) Ingestion points: Input paths defined in scripts/experiment_designer.py and scripts/feature_engineering_pipeline.py. (2) Boundary markers: None present in the boilerplate scripts. (3) Capability inventory: scripts are non-functional skeletons with no file-write or network capabilities. (4) Sanitization: None present. Severity is LOW.
- [Command Execution] (LOW): Standard development and deployment commands (docker, kubectl, helm) are listed for reference in SKILL.md. These are not automatically executed by the skill and do not use untrusted input.
Audit Metadata