Skills
skills/hoanghaoha/survy/survey-analysis/Gen Agent Trust Hub

survey-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the survy Python library and mentions pyreadstat as a requirement for SPSS file operations. These are external dependencies required for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The provided scripts scripts/batch_export.py and scripts/validate_survey.py perform file system operations such as directory creation (os.makedirs) and writing various file formats to disk based on user-supplied paths.
  • [PROMPT_INJECTION]: The skill processes untrusted survey data from external files, which constitutes a surface for indirect prompt injection.
  • Ingestion points: Data enters the environment via survy.read_csv, read_excel, read_json, and read_spss in the utility scripts.
  • Boundary markers: No specific delimiters or warnings to ignore instructions embedded in the survey data are implemented in the instructions or scripts.
  • Capability inventory: The skill possesses file-writing capabilities (to_csv, to_excel, to_json, to_spss) and directory management via os.makedirs.
  • Sanitization: There is no evidence of content sanitization or validation of values processed from the external files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 06:17 AM