text-analyst
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted text data from external files in the 'data/raw/' directory. Malicious instructions embedded in the corpus could potentially influence agent behavior during tasks involving reading and summarizing document content.\n
- Ingestion points: Local file system access to CSV and text files in 'data/raw/' as specified in 'phases/phase1-corpus.md' and 'phases/phase4-validation.md'.\n
- Boundary markers: Absent. The skill does not implement specific delimiters or 'ignore' instructions when processing corpus text.\n
- Capability inventory: The agent performs file write operations (memos/, output/) and executes complex data analysis code in R and Python.\n
- Sanitization: No sanitization or safety-filtering logic is applied to the content of the analyzed documents.\n- [External Downloads] (SAFE): The technique guides recommend installing several standard industry-standard libraries (e.g., 'nltk', 'bertopic', 'tidytext') from reputable registries like CRAN and PyPI. These are expected dependencies for the skill's stated purpose.
Audit Metadata