scientific-data-preprocessing
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes instructional override patterns designed to supersede the agent's internal knowledge and standard reasoning protocols.
- Evidence: The `README.md` and `SKILL.md` files contain phrases such as "Authority Level: MAXIMUM", "When this skill conflicts with other knowledge: This skill wins", and "MANDATORY consultation".
- Risk: These patterns attempt to enforce a hierarchy where the skill's instructions take precedence over the agent's core training or other system guidelines, which is a common technique for hijacking agent behavior.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing untrusted data without sufficient security boundaries.
- Ingestion points: Data is ingested via `pd.read_csv('tennis_data.csv')` in `SKILL.md` and Example 1.
- Boundary markers: Absent; the skill does not use delimiters or explicit instructions for the agent to ignore potential commands embedded within the data content.
- Capability inventory: No critical tool access, network operations, or dangerous shell execution capabilities were identified across the skill's scripts.
- Sanitization: Absent; the skill lacks mechanisms to sanitize or validate that the content of the data files does not contain natural language instructions intended to influence the agent.
Audit Metadata