Skills
skills/legout/data-platform-agent-skills/data-science-notebooks/Gen Agent Trust Hub

data-science-notebooks

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [Dynamic Execution] (MEDIUM): File references/streamlit-advanced.md contains a code example using pickle.load(open("model.pkl", "rb")). Deserializing data using pickle is insecure and can lead to arbitrary code execution if the input file is malicious.
  • [Unverifiable Dependencies] (MEDIUM): Multiple files including SKILL.md, references/sharing-publishing.md, and references/notebook-testing.md recommend installing packages such as nbstripout, pre-commit, nbval, and voila using pip install without specifying versions or verifying hashes, which presents a supply chain risk.
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process external data (e.g., CSV, Parquet, and text in references/large-dataset-eda.md and references/text-features.md). While the impact is primarily limited to local analysis context, the lack of sanitization or boundary markers for untrusted data poses a minor risk if the agent makes decisions based on the content of processed data.
  • [Data Exposure] (SAFE): SKILL.md contains explicit security guidance and code examples (e.g., using os.environ.get) instructing users never to hardcode secrets like API keys.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 09:04 AM