verde
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from CSV files via the
grid_data.pyscript. While this presents a theoretical attack surface for indirect prompt injection, the current implementation handles data numerically and does not interpret input content as instructions. - Ingestion points: Data is loaded from user-specified CSV files in
scripts/grid_data.pyusingpandas.read_csv. - Boundary markers: No specific delimiters or "ignore instructions" markers are used when loading the external data.
- Capability inventory: The script performs local file reads, numeric spatial interpolation, and local file writes (NetCDF).
- Sanitization: The script validates column existence and removes null values, which is appropriate for its data-processing purpose.
Audit Metadata