great-expectations

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Category: PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill creates a significant attack surface by combining the processing of untrusted external content with high-privilege capabilities.
  • Ingestion points: The functions add_dataframe_asset and create_basic_suite in scripts/expectations.py ingest potentially untrusted pandas DataFrames and configuration dictionaries.
  • Boundary markers: The skill does not implement any delimiters or instruction-isolation techniques to prevent the agent from interpreting data content (such as malicious column names or data values) as operational commands.
  • Capability inventory: The allowed-tools metadata in SKILL.md grants the agent Read, Write, Edit, and Bash permissions. This extensive access allows command execution and file-system changes if the agent is compromised via data-driven injection.
  • Sanitization: Validation results are generated directly from the input data (e.g., column names and expectation failures) without sanitization, so any malicious payload in the data or its metadata is passed back into the agent's reasoning context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 07:58 AM