data-normalization-tool
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to process data for normalization, creating a vulnerability surface where instructions embedded in datasets could be interpreted by the agent.
  - Ingestion points: User-provided datasets in the ML Training domain.
  - Boundary markers: None identified in the skill metadata.
  - Capability inventory: Allowed tools include Read, Write, Edit, and Bash (Python/Pip).
  - Sanitization: No sanitization or validation of data content is mentioned.
- Command Execution (SAFE): The skill requests permission to use `Bash(python:*)`, which allows for arbitrary code execution during the training process. This is appropriate for the use case but requires monitoring.
- External Downloads (SAFE): The `Bash(pip:*)` permission allows the agent to download and install Python packages from external repositories.
Audit Metadata