data-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a professional and standard data science workflow, utilizing well-known R packages such as
tidyverse,fixest, andmodelsummary. It emphasizes best practices like setting random seeds and organizing outputs into dedicated directories. - [COMMAND_EXECUTION]: The skill is authorized to use the
Bashtool to execute R scripts and manage the project's file structure. This capability is necessary for the skill's primary function of automated data analysis and is applied in a structured manner. - [PROMPT_INJECTION]: The skill takes user input via
$ARGUMENTSto define the analysis goal and data sources, which creates a surface for indirect prompt injection. - Ingestion points: Dataset paths and natural language descriptions of analysis goals in the
SKILL.mdfile. - Boundary markers: None are explicitly used to delimit user input from the rest of the prompt logic.
- Capability inventory: The skill has access to
Bash,Write,Edit, andTasktools, which allow for code execution and file system modifications. - Sanitization: The skill mitigates risks by requiring the delegation of generated scripts to an
r-revieweragent for validation before final execution and presentation of results.
Audit Metadata