data-analysis
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a 'look at the sample, not the whole' principle, instructing the agent to read only the first few rows (e.g., nrows=5) to avoid token overflow and environment stalls.
- [SAFE]: In the visualization and reporting references, there are explicit requirements to de-identify sensitive fields like phone numbers and ID cards before generating output files.
- [COMMAND_EXECUTION]: The skill's primary function involves generating and executing code in Python (Pandas, Matplotlib), R, and SQL. This behavior is necessary for its stated purpose and is guided by modular code design and error handling practices.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its ability to ingest and process external files (PDF, DOCX, MD).
  1. Ingestion points: User-supplied files via tools or direct reading.
  2. Boundary markers: Not explicitly provided in instructions to isolate file content.
  3. Capability inventory: Execution of Python code and file system writes.
  4. Sanitization: No specific sanitization of extracted document text before it is processed by the model.
Audit Metadata