data-expert
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's scripts (`fetch.py` and `export_conversations.py`) make network requests to the official API endpoint `https://api.studiochat.io` to retrieve conversation data, metrics, and project configurations.
- [COMMAND_EXECUTION]: The skill documentation instructs the agent to execute local Python scripts to interact with the API and process data. It also provides Python code recipes for the agent to run during analysis tasks, including use of `subprocess` to call utility scripts.
- [PROMPT_INJECTION]: The skill processes untrusted customer conversation data fetched from the API, which presents an indirect prompt injection surface where instructions hidden in customer messages could attempt to influence the agent's analysis.
  - Ingestion points: Conversation messages and metadata are fetched from the Studio Chat API via `fetch.py` and `export_conversations.py`.
  - Boundary markers: The workflow suggests saving raw data to JSON files for reference and processing.
  - Capability inventory: The skill can execute Python scripts and make authenticated network requests to the platform API.
  - Sanitization: No explicit sanitization of conversation content is performed before analysis.
Audit Metadata