astropy-astronomy

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and process data from external astronomical files, creating a surface for indirect prompt injection.
    • Ingestion points: Functions like Table.read(), fits.open(), and CCDData.read() in SKILL.md and references/data_io_guide.md load data from external formats such as FITS, CSV, and VOTable.
    • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from interpreting ingested data content as instructions.
    • Capability inventory: The agent has the ability to write files to the local disk using writeto() and write() methods, as documented in SKILL.md and references/data_io_guide.md.
    • Sanitization: The skill relies on standard library parsing without additional sanitization or content validation for the ingested data.
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes examples of fetching data from remote locations.
    • The astropy.utils.data.download_file function is documented in references/auxiliary_modules.md for fetching remote resources.
    • Support for remote FITS file access (e.g., via S3) is mentioned in references/data_io_guide.md.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 02:33 AM