exploratory-data-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute a local Python script (scripts/eda_analyzer.py) and implement custom code snippets to perform data analysis and report generation.
- [EXTERNAL_DOWNLOADS]: The documentation identifies several required scientific Python libraries (e.g., biopython, rdkit, nd2reader, mdanalysis) and suggests their installation via uv pip install if they are not already present in the environment.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes content from a wide variety of external scientific data files (over 200 formats) provided by the user.
- Ingestion points: Scientific data files across multiple domains (chemistry, bioinformatics, imaging) as specified in SKILL.md.
- Boundary markers: Absent; no specific delimiters or instructions to ignore embedded commands are defined for file processing.
- Capability inventory: Local script execution (scripts/eda_analyzer.py) and file system read/write access.
- Sanitization: No explicit sanitization or validation of data file content is mentioned prior to analysis or inclusion in the generated reports.
Audit Metadata