analyzing-data-dashboard

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill generates and executes Python scripts (data_cleaning.py) and JavaScript functions (getCardData) to process and visualize data. This involves runtime assembly and execution of code based on user requirements.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external files (CSV, Excel).
      • Ingestion points: data_cleaning.py (using pandas) and getCardData (using csv.load) load data from external sources.
      • Boundary markers: Absent. No explicit instructions are provided to the agent to use delimiters or ignore embedded instructions when processing external data.
      • Capability inventory: The skill uses run_skills_snippet for Python execution and card management tools for JavaScript generation.
      • Sanitization: No explicit validation or escaping of ingested data is described before it is processed or visualized.
  • [EXTERNAL_DOWNLOADS]: The tool download_dashboard_maps performs network requests to download GeoJSON files for map visualizations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 12:28 PM