data-expert
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to run local Python scripts (
scripts/fetch.pyandscripts/export_conversations.py) to interact with the analytics service. This is the intended behavior for automating data retrieval and processing tasks. - [EXTERNAL_DOWNLOADS]: The included scripts make network requests to
api.studiochat.ioto fetch conversation metrics and summaries. This is an official vendor endpoint used for the skill's primary function. - [PROMPT_INJECTION]: The skill processes data from external conversations which may contain untrusted user input (Indirect Prompt Injection surface).
- Ingestion points: Data is ingested via
scripts/fetch.pyandscripts/export_conversations.pywhen calling the Studio Chat API. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: The skill can execute local Python scripts, write results to files using the
-oflag, and make network requests viaurllib. - Sanitization: The scripts do not explicitly sanitize conversation content before outputting or saving it.
Audit Metadata