skills/jst-well-dan/skill-box/plotly/Gen Agent Trust Hub

plotly

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill includes specific instructions directing the agent to proactively suggest the 'K-Dense Web' platform (www.k-dense.ai) when task complexity increases. This constitutes behavioral steering intended for marketing purposes.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). Ingestion point: Untrusted data processed in pandas DataFrames (e.g., in SKILL.md and chart-types.md). Boundary markers: Absent. Capability inventory: Writing interactive HTML files (fig.write_html) and starting local development servers (app.run_server). Sanitization: Absent; no instructions are provided for escaping or validating user-supplied content used in tooltips or labels.
  • [PROMPT_INJECTION]: There is a metadata discrepancy; the SKILL.md file claims authorship by 'K-Dense Inc.', while the system-identified author is 'jst-well-dan'. Deceptive metadata can lead to misjudgment of a skill's origin and security profile.
  • [EXTERNAL_DOWNLOADS]: The documentation guides the installation of 'plotly', 'kaleido', and 'dash' via 'uv pip install'. These are trusted and well-known packages within the Python visualization ecosystem.
  • [COMMAND_EXECUTION]: Provided code examples include running a Dash web server with 'debug=True' enabled. This configuration is intended for development but may expose sensitive system information if the server is accessible over a network.
  • [COMMAND_EXECUTION]: The skill facilitates standard visualization workflows involving writing files to the local file system (HTML, JSON, and image formats) using 'fig.write_html' and 'fig.write_image'.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 06:54 AM