data-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data which could lead to indirect prompt injection.
- Ingestion points: Data is loaded from local CSV files using 'pd.read_csv("data.csv")' and from SQL databases via queries in SKILL.md.
- Boundary markers: None identified. The skill does not use specific delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The skill allows the use of Bash, Read, Grep, and Glob tools, and executes Python code for data transformation and visualization.
- Sanitization: No automated sanitization or filtering is implemented for the content of processed datasets, although the instructions include a prohibition against exposing sensitive personal information.
Audit Metadata