backlog-prioritization-assistant
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local mathematical calculations on CSV data and outputs a JSON report. No malicious patterns or security risks were identified.
- [EXTERNAL_DOWNLOADS]: No external network requests or downloads were detected in the code or documentation.
- [COMMAND_EXECUTION]: The skill uses a local Python script provided with the package which utilizes only the Python standard library.
- [DATA_EXFILTRATION]: No network access, hardcoded credentials, or sensitive file access patterns were identified.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted CSV data. However, the risk is minimal as the script performs structured data transformation.
- Ingestion points: CSV data read in
backlog_prioritization_assistant.pyvia the--inputparameter. - Boundary markers: Absent; the resulting JSON contains raw strings from the input.
- Capability inventory: Python
open,csv, andjsonfor file processing. - Sanitization: Numeric values are converted to floats; identifiers and titles are not sanitized.
Audit Metadata