data-science-incident-rca
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, vulnerabilities, or suspicious behaviors were detected in the skill files.
- [COMMAND_EXECUTION]: The script
scripts/quick_validate_skill.pyutilizessubprocess.runto call the internal contract test suitetests/test_skill_contract.py. This is used for local validation and is standard for the skill's documented architecture. - [REMOTE_CODE_EXECUTION]: The validation script
tests/test_skill_contract.pyuses the Pythoncompile()function to verify the syntax of Python scripts within the skill directory. This operation is limited to local files and is used exclusively for structural validation. - [PROMPT_INJECTION]: The skill includes dedicated fixtures and instructions to test and ensure the agent maintains evidence boundaries and refuses to provide unverified confidence when faced with adversarial or high-pressure prompts.
- [EXTERNAL_DOWNLOADS]: Documented URLs point to established industry reports, academic research, and the author's own GitHub repository for visual assets. These references are consistent with the skill's primary purpose and do not involve untrusted code execution.
Audit Metadata