puda-report
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
pudaCLI tool to perform database schema inspection and project data extraction. This is standard functionality for the vendor's toolset and aligns with the skill's stated purpose. - [EXTERNAL_DOWNLOADS]: The workflow includes instructions to install
pandasandmatplotlibviapip. These are well-known, trusted libraries used globally for data science and visualization. - [PROMPT_INJECTION]: The skill includes a workflow that reads data from an external source (
puda.db), which presents a surface for indirect prompt injection if the database content includes malicious instructions. - Ingestion points: Data is loaded from a local SQLite database (
puda.db) into pandas DataFrames. - Boundary markers: Not present; the instructions do not specify using delimiters for the ingested data.
- Capability inventory: The skill can execute CLI commands (
puda,pip) and generate Python scripts for execution. - Sanitization: No explicit sanitization or validation logic is requested for the database content before processing.
Audit Metadata