Skills
skills/majesticlabs-dev/majestic-marketplace/etl-core-patterns/Gen Agent Trust Hub

etl-core-patterns

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill provides logic for ingesting external data. Due to the high-privilege tools allowed (Bash, Write, Edit), this represents a high-severity attack surface.
  • Ingestion points: pd.read_csv and requests.get in SKILL.md.
  • Boundary markers: Absent in all provided patterns.
  • Capability inventory: Agent is granted Bash, Write, Edit, Grep, Glob, and Read permissions.
  • Sanitization: Patterns lack validation, filtering, or escaping of external content before processing.
  • NO_CODE (INFO): The skill contains only markdown documentation and code snippets for reference; no standalone executable scripts are included in the package.
  • SAFE (SAFE): No obfuscation, hardcoded credentials, or direct malicious instructions were found within the provided code snippets or metadata.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 11:21 AM