chart-generator
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Self-referential safety assertions were found in skill-report.json. This metadata file includes explicit claims that the skill is safe and that prior analysis findings were false positives, representing an attempt to influence the agent's safety evaluation.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection attack surface via its data processing functions.
  - Ingestion points: Data ingestion occurs in various plotting functions in SKILL.md (e.g., generate_charts_from_data) which accept external CSV or DataFrame inputs.
  - Boundary markers: The instructions lack delimiters or system-level directives to ignore instructions that might be embedded within the processed data.
  - Capability inventory: The skill includes file system write capabilities using standard library functions like plt.savefig, fig.write_html, and os.makedirs to create directories and save visualization outputs.
  - Sanitization: There is no evidence of data sanitization or structural validation in the provided code snippets to prevent malicious content from influencing the agent's context.
Audit Metadata