golden-jupyter

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes instructions to install the pandas library via pip. This is a standard and expected procedure for setting up a data science environment.
  • [COMMAND_EXECUTION]: The skill documentation contains shell commands for package management (pip install) and Jupyter magic commands (%timeit) intended for performance profiling. These are standard development tools and are used here within their normal scope.
  • [PROMPT_INJECTION]: The skill demonstrates reading from a local file (data.csv) in references/analysis.md. 1. Ingestion points: The skill uses pd.read_csv to ingest data. 2. Boundary markers: Absent. 3. Capability inventory: No network access, file writing, or command execution capabilities are granted or utilized. 4. Sanitization: Absent. While data ingestion can be a surface for indirect prompt injection, the lack of exploitable capabilities renders this surface safe.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 09:33 AM
Security Audit — agent-trust-hub — golden-jupyter