data-analytics-reporter
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its core function of processing untrusted data.
- Ingestion points:
scripts/analyze_csv.pyandscripts/check_data_quality.pyread data directly from user-provided CSV files via thecsvmodule. - Boundary markers: No explicit delimiters or instructions are used to separate data from instructions when the results are presented to the agent.
- Capability inventory: The associated scripts are restricted to file reading and statistical computation; they do not possess network access, subprocess execution, or file-writing capabilities.
- Sanitization: The scripts do not sanitize or escape the content of the CSV cells before including them in the generated markdown or JSON reports, allowing for potential instruction injection if the agent interprets the report content.
- [SAFE]: The provided Python scripts (
analyze_csv.pyandcheck_data_quality.py) use only Python standard libraries (csv,statistics,json,argparse,re) and perform all operations locally. There are no network requests, remote downloads, or credential-handling operations. - [SAFE]: The skill includes a proactive security feature in
scripts/check_data_quality.pythat uses regular expressions and name heuristics to detect potential PII (Email, Phone, SSN), alerting the user to sensitive data before further processing. - [SAFE]: The reference materials (
report-example.mdandsql-patterns.md) contain standard, non-malicious code snippets and SQL queries for business intelligence tasks.
Audit Metadata