csv-data-summarizer

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
  • Prompt Injection (MEDIUM): The skill instructions in SKILL.md and SKILL.json employ aggressive, imperative language ('⚠️ CRITICAL BEHAVIOR REQUIREMENT ⚠️', 'FORBIDDEN BEHAVIORS', 'DO NOT ASK') to override the agent's default safety and interaction protocols. These patterns are designed to force autonomous execution, which can be used to bypass system-level conversational constraints.
  • Indirect Prompt Injection (LOW): The skill processes arbitrary CSV data via analyze.py and returns the content (including headers and categorical values) to the agent without sanitization or boundary delimiters.
    • Ingestion points: analyze.py reads user-provided files using pandas.read_csv.
    • Boundary markers: Absent. There are no instructions or delimiters ensuring the agent treats the tool output exclusively as data.
    • Capability inventory: The analyze.py script has file-read permissions and performs file-write operations for visualization PNGs.
    • Sanitization: Absent. Raw string data from the CSV is interpolated into the final summary returned to the LLM.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:09 PM