data-visualization
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `infsh` command-line utility to interact with backend services, including user authentication and running specific applications as part of the visualization workflow.
- [EXTERNAL_DOWNLOADS]: The documentation references an external URL on GitHub (https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md) to provide users with platform installation instructions, which is standard for platform-specific skills.
- [REMOTE_CODE_EXECUTION]: The skill utilizes the `infsh/python-executor` and `infsh/html-to-image` tools to execute code and render visualizations remotely. This behavior is expected as it is the core functionality for generating charts and KPI cards within the platform environment.
- [PROMPT_INJECTION]: The skill contains patterns where user data is interpolated into code templates for execution. This creates a surface for indirect prompt injection if an agent processes untrusted data without validation before placing it into the Python script strings.
  - Ingestion points: Data for chart categories, values, and labels processed in SKILL.md templates.
  - Boundary markers: None present in the code templates to separate data from code.
  - Capability inventory: Python code execution via `infsh/python-executor` and file creation capabilities.
  - Sanitization: No explicit sanitization or validation logic is provided in the chart recipes.
Audit Metadata