data-analysis-pro
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data from various file formats (CSV, Excel, Parquet, JSON, ZIP) via the
io_router.pyandpreprocessing.pyscripts. This creates a surface for indirect prompt injection where malicious instructions embedded in data cells could potentially influence the agent's behavior during summary generation or reporting. - Ingestion points:
scripts/io_router.py(data loading),scripts/column_profile.py(column profiling),scripts/eda_stats.py(statistical analysis). - Boundary markers: The skill lacks explicit boundary markers or structured delimiters when passing raw or summarized data content from scripts back to the AI agent's context.
- Capability inventory: The toolkit includes broad capabilities such as file system writes (writing JSON results and PNG charts via
common.py), environment variable modification, and executing complex statistical modeling viasklearnandstatsmodels. - Sanitization: There is no evidence of content sanitization or instruction-filtering for data values processed during the analysis phase.
Audit Metadata