Skills
skills/pjt222/development-guides/review-data-analysis/Gen Agent Trust Hub

review-data-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it requires the agent to read and execute untrusted external content, such as analysis scripts and notebooks.
  • Ingestion points: Untrusted data enters the agent context through analysis code, notebooks, and raw data files as specified in Step 1, Step 3, and Step 5 of the procedure.
  • Boundary markers: The skill lacks explicit instructions to use delimiters or ignore embedded instructions when processing external files.
  • Capability inventory: The skill allows the use of potentially dangerous tools including Bash, Read, and WebFetch (referenced in SKILL.md frontmatter).
  • Sanitization: There are no instructions for the agent to validate or sanitize the external code before execution in Step 5 (Assess Reproducibility).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 07:13 AM