Skills
skills/panlm/mlflow-skills/querying-mlflow-metrics/Gen Agent Trust Hub

querying-mlflow-metrics

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill runs a local Python script scripts/fetch_metrics.py to interact with the MLflow server.
  • [DATA_EXFILTRATION]: The script uses urllib.request to communicate with remote server URLs provided by the user via the -s argument.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes external data. Ingestion points: Data is fetched from a remote MLflow server in scripts/fetch_metrics.py using urllib.request.urlopen. Boundary markers: The skill does not use delimiters or specific instructions to isolate the server response from the agent's control context. Capability inventory: The skill can execute local scripts and perform network requests to arbitrary URLs. Sanitization: The script parses JSON responses and formats them into a table for the agent without sanitizing the string content of metric values or dimensions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 06:02 AM