baseline-ablation-lab
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a well-documented and secure data science utility. Technical review of its instructions, metadata, and scripts confirms that all functionality is focused on evidence-based model evaluation and follows standard development practices. All external resource links point to trusted repositories or reputable organizations.\n- [COMMAND_EXECUTION]: The script
scripts/quick_validate_skill.pyusessubprocess.runto execute the local contract test suite. This process verifies that the skill folder contains all required assets and meets portability standards for different agent runtimes.\n- [PROMPT_INJECTION]: The skill includes adversarial prompt fixtures (e.g.,tests/fixtures/adversarial.md) designed to help the agent recognize and resist attempts to override safety warnings or ignore established validation protocols. Additionally, it identifies a safe indirect prompt injection surface: \n - Ingestion points: Workspace artifacts like notebooks and SQL files. \n
- Boundary markers: Uses a structured 'Output Contract' for reporting. \n
- Capability inventory: Reading local files and executing internal validation scripts. \n
- Sanitization: No automated content filtering is performed on ingested data evidence.
Audit Metadata