stata-analyst
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM - EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructions and technique guides (e.g., `techniques/02_survey_resampling.md`, `techniques/03_synthetic_control.md`) suggest using the `ssc install` command to download and install third-party Stata packages like `reghdfe`, `boottest`, `ritest`, `oaxaca`, and `synth`. These packages originate from the Statistical Software Components (SSC) archive, which is a community repository and constitutes an unverifiable external dependency.
- COMMAND_EXECUTION (MEDIUM): The skill's operational core involves generating Stata `.do` scripts and executing them via system shell commands (e.g., `stata -e do filename.do`). Although this is the primary intended use case for the skill, the ability to execute arbitrary scripts in the host environment is a high-risk capability.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its data ingestion capabilities.
  1. Ingestion points: The skill reads external data files using `import delimited` and `import excel` commands in `techniques/00_data_prep.md`.
  2. Boundary markers: There are no specific boundary markers or safety instructions in the code templates to prevent the agent from interpreting instructions embedded within the user's datasets.
  3. Capability inventory: The skill has the ability to execute shell commands, modify the file system, and access the network via package managers.
  4. Sanitization: No data validation or sanitization logic is provided to inspect data content before it is processed by the analysis pipeline.