ai-data-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill involves generating and running Python scripts (e.g., analysis.py) and executing shell commands for setting up virtual environments and installing dependencies.
- [EXTERNAL_DOWNLOADS]: The skill workflow includes downloading common data science libraries from the Python Package Index (PyPI) to support its analytical capabilities.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its ingestion of external data. 1. Ingestion points: Data enters the agent context through CSV, Excel, JSON, Parquet files, and database connections. 2. Boundary markers: The current instructions do not specify delimiters or techniques to isolate data from potential embedded instructions. 3. Capability inventory: The agent has the capability to execute Python scripts which can access the local filesystem and network. 4. Sanitization: There is no requirement for sanitizing or validating the contents of input data to prevent malicious instruction execution.
Audit Metadata