data_visualization

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to ingest and process untrusted external data (raw data, stock prices, CSVs) and use it to drive code generation for visualizations.
  • Ingestion points: Analyzes "provided data" and "raw data" mentioned in the Overview and Examples sections of SKILL.md.
  • Boundary markers: Absent. There are no instructions for the agent to distinguish between data content and control instructions.
  • Capability inventory: The skill has access to Bash, Write, Edit, and Read tools, allowing for arbitrary command execution and file system modification.
  • Sanitization: Absent. No logic is provided to sanitize data before it is used to generate Python or JavaScript code.
  • Command Execution (HIGH): The frontmatter explicitly allows the Bash tool. While visualization often requires running scripts, granting full shell access alongside data ingestion tools creates a significant RCE (Remote Code Execution) risk if the data contains malicious instructions.
  • Privilege Escalation (MEDIUM): The skill's allowed-tools list is broader than necessary for simple visualization. Full Bash and Edit access allows the agent to modify system configurations or user files unrelated to data analysis.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 10:32 AM