csv-data-visualizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Category 4: Unverifiable Dependencies (SAFE): The skill requires standard, reputable Python libraries (pandas, plotly, numpy, and kaleido). These are well-known packages in the data science ecosystem and are appropriate for the skill's stated purpose of CSV visualization.
- Category 8: Indirect Prompt Injection Surface (SAFE): The skill ingests untrusted data via CSV files.
- Ingestion points: CSV files are read in
scripts/visualize_csv.pyandscripts/create_dashboard.py. - Boundary markers: Absent; the scripts do not explicitly warn the model about potential instructions hidden in the data.
- Capability inventory: File reading (
pd.read_csv), data processing, and local file writing (fig.write_html,fig.write_image). - Sanitization: Standard pandas/plotly handling treats data as literal values, preventing execution. The risk of the AI agent being influenced by content within the CSV is minimal given the specialized visualization context.
Audit Metadata