tao-route-visual-changenet-samples
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill follows established patterns for data processing within the TAO/VCN pipeline. It does not access sensitive system files or make unauthorized network connections.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a specific Python script via the
Bashtool to filter and save Parquet data. This is the intended and documented purpose of the skill and does not involve untrusted remote code. - [PROMPT_INJECTION]: The skill processes external data (Parquet and CSV files), which constitutes a potential surface for indirect prompt injection. However, the risk is evaluated as low because the agent is directed to use a structured Python script for processing rather than interpreting the data content as instructions.
- Ingestion points: Reads labels and file paths from
gaps_parquetandsource_pool_csvas specified inSKILL.md. - Boundary markers: None explicitly implemented in the provided prompts.
- Capability inventory: Uses
Bashfor Python script execution andReadfor file access, which are appropriate for the task. - Sanitization: Labels are converted to uppercase for comparison, providing a basic level of input normalization.
Audit Metadata