csv-wrangler
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from CSV and Excel files, creating a surface for indirect prompt injection. \n
- Ingestion points: The skill utilizes pd.read_csv, pd.read_excel, and file open() operations in SKILL.md to ingest external data. \n
- Boundary markers: There are no specific delimiters or instructions provided to the agent to distinguish data content from potential instructions. \n
- Capability inventory: The skill metadata enables high-privilege tools including Bash, Write, Edit, and Grep. \n
- Sanitization: While the skill performs format-specific cleaning (e.g., dates and numbers), it does not sanitize text content to prevent the execution of embedded instructions.
Audit Metadata