code-data-analysis-scaffolds
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill acts as a set of instructional templates for professional technical workflows.\n- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted external data for analysis purposes, which is its primary function.\n
- Ingestion points: Guidelines in
template.mdandeda-customer-churn.mdinvolve reading user-provided files (e.g., CSV) into the agent context.\n - Boundary markers: The templates do not currently instruct the agent to use delimiters or protective instructions when processing external data.\n
- Capability inventory: The skill encourages operations involving file system interaction and shell execution for testing (e.g.,
pytest).\n - Sanitization: The scaffolds focus on data quality and statistical validity rather than sanitizing content against instruction-like strings.\n- [COMMAND_EXECUTION]: The documentation and examples suggest using standard command-line tools such as
pytest,mutmut, andgreat_expectationsfor code and data validation.\n- [EXTERNAL_DOWNLOADS]: The skill mentions the installation of well-known open-source libraries likeumap-learnandmutmutin its advanced methodology documentation.
Audit Metadata