bio-stats-ml-reporting
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS DATA_EXFILTRATION COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): Documentation in docs/README.md and tool guides suggests installing dependencies from external registries using pip and pixi.
- DATA_EXFILTRATION (LOW): DuckDB documentation in docs/duckdb.md demonstrates reading data from remote URLs (e.g., example.com/data.parquet), which represents a network access surface to non-whitelisted domains.
- COMMAND_EXECUTION (LOW): The skill instructions in SKILL.md and docs/README.md guide the agent to execute various CLI tools and scripts including DuckDB and Python.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection. Evidence:
  - Ingestion points: The skill processes results/.parquet, results/.tsv, and metadata.tsv as described in SKILL.md.
  - Boundary markers: There are no explicit delimiters or warnings to ignore embedded instructions in input data.
  - Capability inventory: The workflow includes script execution and DuckDB SQL commands which could be influenced by injected data.
  - Sanitization: No sanitization or validation of input data content is mentioned or implemented in the provided guides.
Audit Metadata