sweetviz
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation instructs users to execute pip install sweetviz. Because the sweetviz library and its corresponding GitHub repository are not on the provided whitelist of trusted sources, the dependency is classified as unverifiable.
- PROMPT_INJECTION (LOW): The skill exposes an indirect prompt injection surface through its data processing workflow.
  1. Ingestion points: The skill ingests untrusted data from local files using pd.read_csv('data.csv').
  2. Boundary markers: There are no markers or warnings provided to the agent to distinguish between data content and instructions.
  3. Capability inventory: The skill has the capability to write to the local filesystem via the report.show_html() method.
  4. Sanitization: No sanitization or validation of the input CSV data is performed before analysis or report generation.
- SAFE (INFO): The security alert concerning 'logger.info' is identified as a false positive. The automated scanner miscategorized a standard Python logging call as a malicious URL due to the '.info' suffix.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata