schema-discoverer
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data files (CSV, JSON, Parquet) to infer their schema. This creates a surface for indirect prompt injection where malicious instructions embedded within the data files could attempt to influence the agent's behavior.
- Ingestion points: Data is ingested via file reading tools and analyzed using pandas (SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded content within the analyzed files.
- Capability inventory: The skill is configured with access to tools including
Bash,Read,Grep, andGlob(SKILL.md). - Sanitization: No explicit sanitization or validation of the content of the data files is performed before processing.
Audit Metadata