data-visualization

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the belt CLI tool to run specific applications such as infsh/python-executor and infsh/html-to-image for generating visual content.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download a CLI installation script from a public GitHub repository and encourages adding related skills using the npx command.
  • [REMOTE_CODE_EXECUTION]: Visualization logic is implemented in Python and executed within a remote or sandboxed environment using the infsh/python-executor tool.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it provides code templates that are intended to be populated with data. If untrusted input is interpolated into these scripts without proper sanitization, it could lead to arbitrary code execution within the executor context.
      ◦ Ingestion points: The input JSON payload for the belt app run commands in SKILL.md.
      ◦ Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the templates.
      ◦ Capability inventory: The skill allows for shell command execution via the belt CLI and Python code execution.
      ◦ Sanitization: The templates do not demonstrate input validation or escaping mechanisms for the data being visualized.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 5, 2026, 06:35 PM
Security Audit — agent-trust-hub — data-visualization