Skills
skills/liangdabiao/claude-data-analysis-ultra/data-exploration-visualization/Gen Agent Trust Hub

data-exploration-visualization

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses joblib.load() in scripts/modeling_evaluator.py and scripts/data_preprocessor.py to load serialized machine learning models and preprocessing pipelines. Since joblib relies on pickle, loading untrusted files can lead to arbitrary code execution.
  • [COMMAND_EXECUTION]: The unsafe deserialization mechanism in joblib.load() allows for arbitrary command execution on the host system if an attacker provides a maliciously crafted model file.
  • [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection (Category 8).
  • Ingestion points: Data enters the system through pd.read_csv, pd.read_excel, and pd.read_json in scripts/eda_analyzer.py.
  • Boundary markers: The system lacks delimiters or instructions to prevent the agent from following commands embedded in the data.
  • Capability inventory: The skill can perform file writes via scripts/report_generator.py and execute modeling logic in scripts/modeling_evaluator.py.
  • Sanitization: There is no evidence of content sanitization or validation for processed data strings before they are used in report generation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 12, 2026, 05:33 AM