analyzing-data
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation provides several shell commands for environment setup and tool usage, such as `pip install nbval`, `pytest --nbval`, `jupyter nbconvert`, `quarto render`, and `voila`. These involve standard tools in the data science ecosystem.
- [DYNAMIC_EXECUTION]: Documentation for Streamlit in `references/streamlit-advanced.md` includes a pattern using the `pickle` library for loading models (`pickle.load(open("model.pkl", "rb"))`). This is an unsafe deserialization method that can lead to arbitrary code execution if the source file is untrusted.
- [INDIRECT_PROMPT_INJECTION]: The skill's primary function is to analyze external datasets, which introduces a vulnerability surface. Untrusted data enters the agent context via ingestion points like Parquet and CSV files as described in `SKILL.md` and `references/large-dataset-eda.md`. No specific boundary markers or sanitization logic for dataset contents were identified. The skill possesses capabilities like saving files and running local web servers, which could be targeted by instructions hidden in malicious datasets.
Audit Metadata