data-visualizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill ingests external data from CSV files and outputs it into HTML reports.
- Ingestion points:
scripts/main.pyreads user-provided CSV files viacsv.DictReader. - Boundary markers: None used in the prompt or data processing.
- Capability inventory: Local file writing via
Path.write_text. - Sanitization: Data values are converted to floats and chart data is serialized via
json.dumps. However, column headers (labels) are interpolated into the HTML without explicit escaping, creating a potential XSS surface if a malicious CSV is processed and the resulting HTML is opened in a browser. - [External Downloads] (SAFE): The generated HTML includes a script tag for
chart.jsfromcdn.jsdelivr.net. This is a standard and widely trusted CDN for frontend libraries. - [Metadata Poisoning] (SAFE): The
SKILL.mdfile listsplotlyas a dependency, but it is not used in the implementation. This appears to be a minor documentation oversight rather than a deceptive practice.
Audit Metadata