baseline-ablation-lab

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is a well-documented and secure data science utility. Technical review of its instructions, metadata, and scripts confirms that all functionality is focused on evidence-based model evaluation and follows standard development practices. All external resource links point to trusted repositories or reputable organizations.\n- [COMMAND_EXECUTION]: The script scripts/quick_validate_skill.py uses subprocess.run to execute the local contract test suite. This process verifies that the skill folder contains all required assets and meets portability standards for different agent runtimes.\n- [PROMPT_INJECTION]: The skill includes adversarial prompt fixtures (e.g., tests/fixtures/adversarial.md) designed to help the agent recognize and resist attempts to override safety warnings or ignore established validation protocols. Additionally, it identifies a safe indirect prompt injection surface: \n
  • Ingestion points: Workspace artifacts like notebooks and SQL files. \n
  • Boundary markers: Uses a structured 'Output Contract' for reporting. \n
  • Capability inventory: Reading local files and executing internal validation scripts. \n
  • Sanitization: No automated content filtering is performed on ingested data evidence.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — baseline-ablation-lab