python-pipeline

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by processing untrusted data from CSV files and URLs within LLM prompts.
      ◦ Ingestion points: Data entered via the read_input function and passed to AI service methods in SKILL.md.
      ◦ Boundary markers: The prompt templates do not use delimiters or instructions to ignore embedded commands.
      ◦ Capability inventory: The skill includes file writing (write_output, save), network operations (requests.get), and API access (gspread, google.generativeai).
      ◦ Sanitization: No input sanitization or escaping is implemented; only character-based truncation is used.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 01:24 AM