Skills
skills/owid/owid-claude-plugins/fetch-chart-data/Gen Agent Trust Hub

fetch-chart-data

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data from Our World In Data which creates a surface for indirect instructions to be processed by the agent.
  • Ingestion points: Fetches metadata (JSON) and data (CSV) from external URLs associated with Our World In Data (SKILL.md).
  • Boundary markers: Absent. There are no instructions to use specific delimiters or warnings to ignore instructions that might be embedded in the fetched data.
  • Capability inventory: The skill uses curl, cut, and jq via Bash to process and filter the external data (SKILL.md).
  • Sanitization: Absent. No sanitization or validation of the retrieved content is performed before it is used.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill performs network requests using curl to retrieve data from ourworldindata.org. This activity is central to the skill's purpose and targets a well-known service.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as curl, cut, and jq. These are standard utilities used for the legitimate purpose of retrieving and processing data for analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 07:48 AM