r-analyst
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Dynamic Execution (LOW): The skill generates R scripts from internal templates and executes them using the 'Rscript' command to perform statistical tasks. This behavior is the core intended functionality of the skill.
- Indirect Prompt Injection (LOW): The skill ingests user-provided datasets (CSV, DTA) for analysis, creating a theoretical surface for injection. However, the data is used for quantitative processing, and there is no evidence of untrusted strings being interpolated into system prompts. Evidence: 1. Ingestion points: read.csv and read_dta calls in phase1-data.md. 2. Boundary markers: None present. 3. Capability inventory: Command execution via Rscript and local file writes. 4. Sanitization: Quantitative processing naturally limits the impact of string-based injection.
Audit Metadata