develop-data-analysis-dashboard
Warn
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to generate and execute a Python script named `data_cleaning.py`. This script is used to process raw data and output cleaned results to a project directory.
- [COMMAND_EXECUTION]: The skill requires all tool calls to be executed via `run_sdk_snippet` by passing code to the `python_code` parameter, establishing a pattern of arbitrary code execution for standard operations.
- [DATA_EXFILTRATION]: The provided template for `data_cleaning.py` explicitly uses parent directory referencing (..) to access data sources. This pattern could be exploited to read sensitive files located outside the intended project directory within the workspace environment.
- [REMOTE_CODE_EXECUTION]: The skill processes untrusted external data (CSV, JSON, Excel, Web-sourced data) and uses it to dynamically generate logic for dashboard cards (`getCardData` functions) and data cleaning scripts. This constitutes a risk of injecting malicious logic into the generated code.
- [PROMPT_INJECTION]: The skill includes an 'Indirect Prompt Injection' surface where malicious instructions could be embedded in the processed data files.
  - Ingestion points: Reads from `FILE_DATA_SOURCES`, user-uploaded files, and web-sourced data.
  - Boundary markers: None identified in the instructions for separating data from instructions during processing.
  - Capability inventory: Subprocess execution via `run_sdk_snippet`, file system write access for project creation and data cleaning, and JS code generation for dashboard cards.
  - Sanitization: The skill instructions focus on data quality (missing values, types) rather than security sanitization to prevent instruction injection into generated scripts.
Audit Metadata