data-explorer

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE; flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external files (CSV, Excel, TSV).
      • Ingestion points: Data is loaded from user-provided files in 'Step 1: 데이터 로딩' (Data Loading).
      • Boundary markers: There are no instructions to use delimiters or ignore embedded natural language instructions within the data rows.
      • Capability inventory: The skill can execute shell commands via Bash and read local files.
      • Sanitization: The workflow does not include sanitization or validation to prevent the agent from obeying instructions hidden within the data.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute Python pandas scripts for data profiling.
      • Evidence: The '도구 사용' (Tool Usage) section explicitly mentions using Bash to run Python pandas scripts.
      • Context: While this is a standard method for data analysis, it constitutes dynamic execution that could be exploited if the script generation logic is influenced by malicious data content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 11:42 PM