senior-data-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The
scripts/data_quality_scan.pyscript creates a vulnerability surface for indirect prompt injection by processing external data. - Ingestion points: The script reads contents from user-specified CSV or JSONL files via the
_profile_csvfunction. - Boundary markers: No explicit boundary markers or instructions are provided to the agent to ignore or delimit instructions that might be embedded within the data profile output.
- Capability inventory: The skill enables the agent to execute a local Python script which performs file system read and write operations.
- Sanitization: The script extracts and returns raw data samples (top 10 unique values per column) in its JSON report without any sanitization or escaping of potentially malicious content.
Audit Metadata