analysis-artifacts

Warn

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)

Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to "write a Python script to generate [visualizations] and save both the script and the output image". This requires the agent to generate and execute code dynamically based on the analysis context.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection through data ingestion.
      • Ingestion points: Data retrieved from BigQuery is processed to create summaries, tables, and visualization scripts (SKILL.md workflow).
      • Boundary markers: No specific delimiters or instructions are provided to the agent to treat data from the database as untrusted content.
      • Capability inventory: The agent is authorized to create directories, write multiple file types (.sql, .py, .csv, .md), and execute Python scripts.
      • Sanitization: The workflow lacks steps for validating or escaping data before it is interpolated into analysis artifacts or visualization scripts.

Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 5, 2026, 11:26 PM