evaluation-reality-check

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references multiple external research papers and industry reports in references/evidence-map.md. These links point to established organizations like Anaconda and Drexel University and are used solely as educational grounding for the evaluation methodologies.
  • [COMMAND_EXECUTION]: The script scripts/quick_validate_skill.py uses subprocess.run to invoke internal tests. This is a standard development practice used here to verify the structural integrity of the skill folder.
  • [REMOTE_CODE_EXECUTION]: The validation tool tests/test_skill_contract.py uses the Python compile() function to perform syntax checks on local scripts. This is used for static analysis during the skill's installation or validation phase and does not involve executing code from untrusted remote sources.
  • [PROMPT_INJECTION]: The skill includes adversarial testing fixtures in tests/fixtures/adversarial.md. These are designed to evaluate the agent's ability to resist pressure to overlook data science red flags, serving as a defensive robustness feature rather than an attack vector.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — evaluation-reality-check