data-engineering
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No malicious patterns detected. The skill primarily consists of educational content and production-ready code templates for data engineering.
- [CREDENTIALS_MANAGEMENT] (INFO): The skill includes extensive guides on cloud authentication (AWS, GCP, Azure). It correctly flags hardcoded credentials as a critical anti-pattern and provides secure alternatives such as IAM roles, Managed Identities, and Workload Identity Federation.
- [COMMAND_EXECUTION] (INFO): The skill demonstrates the use of standard data engineering CLI tools (aws, gcloud, az) and Python subprocesses for task orchestration. These are used within expected operational boundaries.
- [INDIRECT_PROMPT_INJECTION] (LOW): By design, the skill handles external data ingestion (Parquet, CSV, APIs). While this creates an attack surface for indirect prompt injection if the data is fed into LLMs, the skill provides robust mitigation strategies, including schema validation (Pandera/Great Expectations) and parameterized SQL execution.
Audit Metadata