table-generation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill invokes a local Python script (results_to_table.py) within its own directory structure to perform data transformation. This is standard functional behavior for an agent skill.
- [DATA_EXPOSURE] (SAFE): The skill reads from results.json or CSV files provided by the user. There is no evidence of access to sensitive system paths (e.g., SSH keys, AWS credentials) or unauthorized network activity.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data sources (JSON/CSV), which constitutes a potential ingestion point for untrusted instructions. However, the risk is mitigated by explicit rules requiring exact data matching and prohibiting hallucination. The primary output is LaTeX code, which significantly limits the impact of potential injection compared to natural language generation.
- [METADATA_POISONING] (SAFE): Skill metadata correctly describes the tool's capabilities and intended use cases without deceptive instructions.
Audit Metadata