skills/jeremylongshore/claude-code-plugins-plus-skills/engineering-features-for-machine-learning/Gen Agent Trust Hub
engineering-features-for-machine-learning
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: A comprehensive audit of the skill's Python scripts and markdown documentation revealed no evidence of malicious behavior, credential theft, or unauthorized network access. The codebase is well-structured and consistent with its stated purpose.
- [COMMAND_EXECUTION]: The skill configuration in `SKILL.md` requests broad Bash access (`Bash(cmd:*)`). This capability is utilized to execute the bundled Python automation scripts for data processing and analysis. While a powerful privilege, it is a functional requirement for the toolkit's intended operation.
- [PROMPT_INJECTION]: The skill is designed to process external data files, which presents a surface for indirect prompt injection.
  - Ingestion points: Data enters the agent context via `assets/example_dataset.csv` and user-defined input paths configured in `assets/configuration_template.yaml`.
  - Boundary markers: No delimiters or specific instructions to ignore embedded commands are present in the provided templates.
  - Capability inventory: The skill has access to powerful tools including `Bash(cmd:*)`, `Write`, and `Edit`.
  - Sanitization: The analysis found no evidence of sanitization or content validation for the data files processed by the scripts.