vaex
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process large external datasets (CSV, HDF5, Arrow, Parquet), which is a common vector for indirect prompt injection if the data contains malicious instructions targeted at the LLM.
- Ingestion points: Data enters the context via
vaex.open()andvaex.from_csv()as described inSKILL.md. - Boundary markers: Absent. The skill does not provide instructions on how to delimit or escape data within the agent's prompt.
- Capability inventory: The skill includes file system read/write capabilities (
vaex.open,export_hdf5) and references complex operations like machine learning integration. - Sanitization: No sanitization or validation of the input data structure or content is documented in the provided files.
Audit Metadata