skills/jeremylongshore/claude-code-plugins-plus-skills/performing-regression-analysis/Gen Agent Trust Hub
performing-regression-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill requests broad Bash permissions (
Bash(cmd:*)) to execute its bundled utility scripts (validate_data.py,generate_model.py,evaluate_model.py). This is consistent with its stated purpose of automating regression tasks. - [EXTERNAL_DOWNLOADS]: The
assets/model_visualization_template.pyscript identifies dependencies on well-known Python libraries for data processing and visualization, includingnumpy,pandas,matplotlib,seaborn, andscikit-learn. - [DATA_EXPOSURE_&_EXFILTRATION]: No evidence of sensitive data access or exfiltration was found. The scripts operate on user-supplied CSV and JSON files for statistical modeling and do not perform network requests.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external files (CSV/JSON) for analysis. While this represents a theoretical attack surface, the provided scripts parse data into numeric types for mathematical computation rather than natural language interpretation, significantly mitigating risk. The
scripts/validate_data.pyscript further validates input data types and consistency.
Audit Metadata