data
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection through user-provided CSV data.
- Ingestion points: Custom CSV files provided by users as described in the 'User CSV' section.
- Boundary markers: Absent. The documentation does not provide delimiters or instructions for the agent to isolate untrusted data during processing.
- Capability inventory: The skill allows access to
Bash,Read,Glob, andGrep, and specifically instructs the agent to write and execute scripts. - Sanitization: Absent. No validation or filtering mechanisms are specified for the conversion of user data.
- [COMMAND_EXECUTION]: Dynamic script generation and execution.
- The skill documentation explicitly guides the agent to "write a converter" in the backtest script to handle user data files, which leads to runtime code creation and execution.
- This behavior is linked to the primary functionality of the skill but presents an operational risk if the generation process is influenced by untrusted input.
Audit Metadata