dataapp-dev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The documentation contains no malicious logic, unauthorized data access, or obfuscated content.
- COMMAND_EXECUTION (SAFE): The skill utilizes standard development commands such as 'streamlit run', which are appropriate for its primary purpose of building data apps.
- Indirect Prompt Injection (SAFE): The skill includes a surface for processing external database schemas during the validation phase. This is a standard requirement for development tools and is considered safe in this context. Evidence: 1. Ingestion points: SQL table schemas and query result sets (QUICKSTART.md). 2. Boundary markers: None specified in the quickstart documentation. 3. Capability inventory: File system modification for code generation and local execution for app testing. 4. Sanitization: Not explicitly described in the documentation.
Audit Metadata