ml-pipeline-creation

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The evaluate.py script uses joblib.load() to deserialize model files. Because joblib relies on the pickle module internally, loading a malicious or tampered model file can result in arbitrary code execution.
  • [DYNAMIC_EXECUTION]: The skill's primary function involves running arbitrary local Python scripts (preprocess.py, train.py, evaluate.py) specified in a configuration file, which allows for arbitrary code execution within the environment where the agent operates.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data files without adequate safety measures, creating an attack surface for indirect prompt injection.
    • Ingestion points: Untrusted data is ingested from CSV files in preprocess.py and train.py via pd.read_csv.
    • Boundary markers: No delimiters or instructions are used to separate untrusted data from the script logic.
    • Capability inventory: The skill has the capability to execute scripts and perform extensive file system writes.
    • Sanitization: There is no evidence of data validation or sanitization before processing the input files.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 19, 2026, 08:23 AM