polars

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of data from various untrusted external sources, creating a surface for indirect prompt injection where data could contain instructions meant to influence the agent.
    • Ingestion points: The documentation in references/io-data.md and references/quickstart.md covers loading data from CSV, Parquet, JSON, S3, SQL databases, and remote HTTP URLs.
    • Boundary markers: The skill lacks explicit instructions or delimiters to isolate data from instructions or to warn the agent about untrusted content in data files.
    • Capability inventory: SKILL.md mentions a research workflow involving the execution of Python scripts in the scripts/ directory to process data, as well as a reference to a mandatory script execution protocol in agent_reference/SCRIPT_EXECUTION_REFERENCE.md.
    • Sanitization: There are no mentions of data validation or sanitization steps before processing external content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 10:10 AM