mlflow-python
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data which constitutes an indirect prompt injection surface.
- Ingestion points: The
scripts/log_backtest.pyscript reads user-provided CSV files, andscripts/query_experiments.pyandscripts/get_metric_history.pyingest data from remote MLflow server responses. - Boundary markers: No explicit boundary markers or instructions to ignore potential instructions within the data are used when presenting findings to the agent.
- Capability inventory: The skill can read local files, perform network operations to MLflow servers, and execute Python scripts to log metrics and parameters.
- Sanitization: The ingested data is parsed into structured formats (DataFrames) but the content is not sanitized for natural language instructions before being displayed.
Audit Metadata