data-classification
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override agent behavior, bypass safety filters, or extract system prompts were detected.
- [Data Exposure & Exfiltration] (SAFE): While the skill manages sensitive data labels (PII, SSN, etc.), it does not contain hardcoded credentials, API keys, or any network exfiltration logic.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The
classify_by_contentfunction reads data from external tables usingspark.table(table). - Boundary markers: No specific boundary markers are used in the provided code snippets as they are primarily algorithmic templates.
- Capability inventory: The skill uses
spark.tablefor reading data andALTER TABLEfor writing metadata tags. - Sanitization: Untrusted content is processed using regular expression pattern matching (
re.match), which is a safe way to identify sensitive data without executing it. - [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script executions (e.g., curl piped to bash) were found.
- [Obfuscation] (SAFE): The content is provided in clear text with no evidence of encoding or hidden characters.
Audit Metadata