autodiscovery
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'asta-plugins' tool from the official vendor repository on GitHub using the 'uv' package manager. This is a legitimate setup step for the provided functionality.
- [COMMAND_EXECUTION]: The agent uses the 'asta' command-line tool to perform operations such as creating runs, uploading datasets, and monitoring experiment status. These commands are integral to the skill's purpose.
- [PROMPT_INJECTION]: The skill involves reading user-provided data files (CSV, JSON) to assist in experiment configuration. This creates an indirect prompt injection surface, though it is necessary for the skill's primary function of scientific analysis.
  - Ingestion points: Local data files like 'dataset.csv' are read to understand their structure and content.
  - Boundary markers: There are no explicit instructions for using delimiters or boundary markers when the agent processes these files.
  - Capability inventory: The skill has permissions to read files, write JSON metadata, and communicate with the vendor's platform via the CLI.
  - Sanitization: No specific sanitization or validation of the data content is described before the agent uses it to generate metadata.