oss-ds-supply-chain-auditor

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The validation script scripts/quick_validate_skill.py uses subprocess.run to execute the skill's internal test suite (tests/test_skill_contract.py). This is a standard practice for ensuring code integrity and functional correctness.\n- [PROMPT_INJECTION]: The skill contains explicit instructions and adversarial test fixtures (tests/fixtures/adversarial.md) that verify the agent's ability to resist pressure to overlook security risks or provide false confidence.\n- [EXTERNAL_DOWNLOADS]: The skill references several reputable external resources, including Microsoft Research, Arxiv, and Springer, for documentation and grounding in established data science auditing methodologies.\n- [SAFE]: The test script tests/test_skill_contract.py utilizes the compile() function to perform static syntax validation on the skill's Python scripts. This is a non-executing operation used for code quality assurance.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — oss-ds-supply-chain-auditor