data-expert
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any detected malicious patterns or unauthorized behaviors. It actively promotes security best practices such as data sanitization and PII redaction.
- [PROMPT_INJECTION]: No evidence of prompt injection or bypass attempts was found. The instructions are domain-focused and maintain professional boundaries. While the skill interacts with user-specified data files, the inclusion of strict validation and sanitization requirements (Iron Laws) significantly mitigates indirect injection risks.
- [DATA_EXFILTRATION]: No sensitive credential access or unauthorized network operations were identified. A placeholder URL found in the documentation serves as a legitimate example for server component development.
- [COMMAND_EXECUTION]: The skill requests standard tools (Bash, Read, Write) for its operations. Its use of command-line operations is restricted to documented data pipeline tasks (e.g., using 'dvc') and internal memory management protocols (reading context files).
Audit Metadata