data-transformer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection. The skill ingests and processes untrusted structured data (CSV, JSON, YAML) from external files, which could contain malicious instructions designed to manipulate an AI agent that subsequently interprets the transformed output.
  - Ingestion points: Data is read from a user-provided file path in `src/index.ts` via the `safeReadFile` function.
  - Boundary markers: The skill does not implement explicit delimiters or instructions to the agent to ignore potential commands embedded within the data content.
  - Capability inventory: The skill has the capability to read and write local files using `safeReadFile` and `safeWriteFile`.
  - Sanitization: No content-level validation or sanitization is performed on the data being parsed or serialized.
Audit Metadata