pudl
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions include references to downloading data from vendor-managed S3 buckets (s3://pudl.catalyst.coop/). These are legitimate vendor resources used for data distribution and do not represent a security risk.
- [PROMPT_INJECTION]: The skill processes external data which presents a surface for indirect prompt injection. The analysis confirms this is a standard data-user workflow with no malicious intent detected.
- Ingestion points: S3 Parquet tables and JSON metadata files (referenced in SKILL.md and metadata-and-querying.md).
- Boundary markers: Absent. The skill does not provide specific instructions to the agent to isolate or ignore instructions embedded in the data.
- Capability inventory: Python execution (pandas, polars, duckdb) and CLI execution (jq, pixi) used for data processing and documentation building.
- Sanitization: Absent. The skill relies on standard library-level parsing for data ingestion.
Audit Metadata