flowerpower

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The management scripts (run_pipeline.py, create_pipeline.py, list_pipelines.py) use subprocess.run to invoke the flowerpower CLI. These calls use the secure list-based argument passing format, which prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The init_project.py script performs a standard installation of the flowerpower package from the Python Package Index (PyPI). This is a standard and expected operation for the skill's infrastructure.
  • [PROMPT_INJECTION]: The skill architecture creates an indirect prompt injection surface. Evidence: (1) Ingestion points: source_uri, source_parquet, and s3_path parameters in SKILL.md and advanced-patterns.md. (2) Boundary markers: No explicit delimiters are specified for ingested data. (3) Capability inventory: The skill can write to the filesystem via write_delta and access the network using requests. (4) Sanitization: Examples demonstrate validation using pandera to sanitize inputs and enforce schema compliance.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 03:19 PM