train-test-splitter

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (SAFE): No instructions attempting to override agent behavior, bypass safety filters, or extract system prompts were detected.
  • Indirect Prompt Injection (LOW): The skill ingests data for machine learning tasks and has access to high-privilege tools (Bash, Python, Pip), creating a surface for indirect prompt injection.
      1. Ingestion points: External datasets provided for train-test splitting.
      2. Boundary markers: No specific delimiters or safety instructions regarding data content are provided.
      3. Capability inventory: Access to Bash(python:*), Bash(pip:*), Write, and Edit tools.
      4. Sanitization: No data validation or sanitization logic is defined.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or suspicious network requests were found in the skill markdown.
  • Remote Code Execution (SAFE): While the skill requests permissions for bash and pip, it does not include commands to download or execute remote scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 03:04 PM