sap-hana-ml
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill documents methods for ingesting data from external SAP HANA tables, CSV files, and shapefiles, which establishes an indirect prompt injection surface. If an agent processes untrusted data from these sources without sanitization, it could be manipulated.\n
- Ingestion points: Multiple entry points are identified in
references/DATAFRAME_REFERENCE.md, includingConnectionContext.table(),ConnectionContext.sql(), andimport_csv_from().\n - Boundary markers: The skill does not currently provide instructions or patterns for using delimiters to isolate untrusted data from the system prompt.\n
- Capability inventory: The skill enables significant capabilities including executing SQL on remote HANA instances and persisting models/data to the database and local filesystem.\n
- Sanitization: The documentation includes the
hana_ml.dataframe.quotenameutility for escaping SQL identifiers.\n- [EXTERNAL_DOWNLOADS]: The skill references standard installation of thehana-mllibrary and its visualization suite (includingmatplotlib,plotly,graphviz, andwordcloud) from the Python Package Index (PyPI).
Audit Metadata