Skills
skills/infsh-skills/skills/data-visualization/Gen Agent Trust Hub

data-visualization

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an installation script for the vendor's CLI tool (belt) hosted on the vendor's official GitHub repository (https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md).
  • [REMOTE_CODE_EXECUTION]: The skill utilizes vendor-provided remote execution apps (infsh/python-executor and infsh/html-to-image) to process data and generate visual outputs. The Python code is passed as a string in the command arguments and executed in the vendor's environment.
  • [COMMAND_EXECUTION]: The skill uses the belt CLI tool to run applications and manage sessions. It also references adding additional skill packages using npx skills add from the vendor's repository.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: While the Python recipes involve creating and saving image files (e.g., revenue.png, line-chart.png), these operations are performed locally or within the designated execution environment. No evidence of unauthorized data access or external exfiltration to non-vendor domains was detected.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 07:15 PM
Security Audit — agent-trust-hub — data-visualization