data-profiler
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE] (SAFE): The skill analyzes DataFrames provided by the user. It does not attempt to access sensitive system paths (e.g., SSH keys, credentials) or environment variables.
- [EXTERNAL_DOWNLOADS] (SAFE): No external code or data is downloaded from the internet. All logic is contained within the local script and standard dependencies.
- [COMMAND_EXECUTION] (SAFE): Although 'Bash' is listed in the allowed-tools, the provided Python scripts do not use subprocess, os.system, or any other method to execute shell commands.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not use eval(), exec(), or any dynamic code loading mechanisms that could be exploited to run arbitrary code.
- [PROMPT_INJECTION] (LOW): Like all tools that ingest external data (e.g., CSV files), there is a surface for indirect prompt injection if a user processes a malicious file. However, the skill only extracts statistical metrics (min, max, mean, etc.) and does not interpret the content of the data as instructions for the agent.
Audit Metadata