data-profiling
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a Python script (
scripts/profiler.py) to perform its main functionality of scanning datasets and generating reports. This is an expected behavior for a data profiling tool. - [EXTERNAL_DOWNLOADS]: The script depends on standard, widely-used Python packages including
pandasandnumpy. These are recognized as well-known libraries in the data science ecosystem. - [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill processes untrusted user data and incorporates it into a report that may be read by an agent.
- Ingestion points: Data is ingested via the
--data_pathparameter inscripts/profiler.pyusingpd.read_csvandpd.read_parquet. - Boundary markers: The markdown report generation does not implement specific delimiters or instructions to treat data-derived strings as non-executable content.
- Capability inventory: The skill uses a
ReportWriterclass (imported from a system-level utility directory) to write files and emit state updates. - Sanitization: The script performs basic string conversion and truncation on sample data and column names before inclusion in the output report.
Audit Metadata