querying-census-data
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to execute shell commands, includingcurlfor network requests andpython3for data processing. - [COMMAND_EXECUTION]: The skill generates and executes inline Python scripts using
python3 -c. These scripts are used to parse JSON data from both local files and remote API responses. This pattern is used to format data into markdown tables and resolve geographic identifiers. - [EXTERNAL_DOWNLOADS]: The skill fetches demographic and economic data from the official U.S. Census Bureau API (
api.census.gov). This is a well-known and trusted government service. - [DATA_EXFILTRATION]: The skill accesses the
CENSUS_API_KEYenvironment variable. This is a legitimate requirement for authenticating requests to the Census Bureau API as per the skill's primary purpose. - [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection because it processes data from external sources and local files without explicit sanitization or boundary markers.
- Ingestion points: Data enters the agent's context through
municipios_pr.json,barrios_pr.json, and the results of API queries toapi.census.gov. - Boundary markers: No boundary markers or 'ignore' instructions are used to separate external data from the agent's system instructions.
- Capability inventory: The skill possesses the capability to execute shell commands (
Bash), read local files (Read), and run Python code. - Sanitization: There is no evidence of sanitization or validation of the JSON content before it is processed by Python or outputted to the agent.
Audit Metadata