visualizing-data
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests categorical, continuous, and temporal data from external sources to generate 24+ types of visualizations. This creates an attack surface where malicious instructions could be embedded in data strings rendered as labels, tooltips, or legends.\n
- Ingestion points: Data input for charts and dashboards defined in SKILL.md and referenced example datasets.\n
- Boundary markers: None explicitly identified in the instructions to separate data from formatting logic.\n
- Capability inventory: Rendering visualizations and executing a local validation script (scripts/validate_accessibility.py).\n
- Sanitization: No specific instructions are provided for sanitizing or escaping untrusted strings before interpolation into chart components.\n- [EXTERNAL_DOWNLOADS] (LOW): Recommends installation of industry-standard libraries (recharts, d3, plotly, matplotlib, seaborn) from trusted registries like NPM and PyPI. Per [TRUST-SCOPE-RULE], these are downgraded to LOW.\n- [COMMAND_EXECUTION] (LOW): Includes instructions to run npm install and a local Python script (scripts/validate_accessibility.py) for validating WCAG 2.1 AA compliance. These are standard development operations.
Audit Metadata