data-scientist
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [Command Execution] (MEDIUM): Usage of 'bq' command-line tools presents a risk of argument injection if input is not properly sanitized.
- [Prompt Injection] (MEDIUM): Lack of boundary markers for processing external 'data analysis requirements' and query 'results' makes the skill vulnerable to indirect prompt injection.
- [Data Exposure] (LOW): The ability to generate and execute SQL queries can be exploited to access unauthorized data if the agent is not restricted to specific datasets or if the agent is manipulated into revealing schema information.