mle-workflow
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill specifies a workflow that involves analyzing untrusted external content such as model notebooks, datasets, and production logs, which constitutes an indirect prompt injection surface.
  1. Ingestion points: The skill is designed to process external repositories, specifically the notebooks, datasets, and model artifacts mentioned in the 'When to Activate' and 'Review Checklist' sections.
  2. Boundary markers: There are no explicit instructions for the agent to use boundary markers or delimiters when ingesting these external data sources.
  3. Capability inventory: The workflow relies on file system access and the ability to execute Python scripts for training and performance evaluation.
  4. Sanitization: The skill provides mitigation guidance by instructing the agent to scan for PII, hardcoded secrets, and unsafe deserialization patterns during the security review phase.
Audit Metadata