sentiment-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill identifies a surface for indirect prompt injection and XSS through its data processing workflow.
- Ingestion points: Untrusted data enters the agent context via CSV files processed by the
batchandreportcommands inscripts/main.py. - Boundary markers: Absent. There are no delimiters or instructions provided to the processing logic to ignore or escape embedded content within the CSV fields.
- Capability inventory: The skill contains file-writing capabilities (
scripts/main.py), allowing it to generate new CSV and HTML files based on processed input. - Sanitization: Absent. In
scripts/main.py, thereportfunction uses f-strings to insert raw text from the input CSV directly into an HTML template, which can be exploited to execute arbitrary JavaScript in the context of the generated report. - [External Downloads] (SAFE): The skill requires standard machine learning libraries such as
transformersandtorch. While these libraries may download model weights from external repositories (e.g., Hugging Face) at runtime, this is expected behavior for the stated purpose of sentiment analysis and does not involve malicious remote execution patterns.
Audit Metadata