analyzing-mlflow-trace
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides instructions to execute `mlflow` and `jq` CLI tools. While these are required for the skill's primary purpose of trace analysis, they represent a standard command execution surface.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8).
  * Ingestion points: External MLflow trace data retrieved via the `mlflow` CLI (SKILL.md).
  * Boundary markers: Absent. There are no instructions to use delimiters or ignore embedded instructions within the trace data.
  * Capability inventory: Subprocess execution of `mlflow` and `jq`, and file system access for temporary storage.
  * Sanitization: Absent. While `jq` is used for structural parsing, the natural language content within the spans is not sanitized before analysis.
Audit Metadata