csv
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted CSV data which could contain malicious instructions designed to influence the agent's behavior (Indirect Prompt Injection).
- Ingestion points: CSV files are read via pd.read_csv() and csv.DictReader() in SKILL.md.
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are present.
- Capability inventory: The skill has permissions for file reading, writing, and executing Bash commands (cat, tail) as well as data processing.
- Sanitization: No sanitization is performed on the content of the CSV files beyond standard data type conversion.
Audit Metadata