data-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted external data which could contain instructions designed to influence agent behavior. Ingestion points: The
analyze_csvfunction inexample.pyreads data directly viapd.read_csv. Boundary markers: No delimiters or instructions are used to separate data from the prompt context. Capability inventory: The skill is limited to statistical calculations; no network access, file-write capabilities, or shell execution were identified. Sanitization: Relies solely on pandas parsing without content validation.
Audit Metadata