skills/jeremylongshore/claude-code-plugins-plus-skills/data-augmentation-pipeline/Gen Agent Trust Hub
data-augmentation-pipeline
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill's primary purpose is data augmentation, which involves ingesting and processing external datasets. This creates a surface for indirect prompt injection where malicious instructions could be embedded in training data.
- Ingestion points: External datasets processed via the augmentation pipeline.
- Boundary markers: Absent; there are no instructions to ignore embedded commands in data.
- Capability inventory:
Bash(python:*),Bash(pip:*),Write,Edit. - Sanitization: Absent; the skill does not specify validation or sanitization of input data.
- [Command Execution] (SAFE): The skill requests
Bash(python:*)andBash(pip:*)tools. While these allow for arbitrary code execution and package installation, no malicious code or suspicious execution patterns were found in the skill's own file.
Audit Metadata