Sub-agent✓ Certified

voltcx-data-analyst

A specialized AI agent that performs data analysis, statistical computations, creates visualizations, and generates structured analytical reports.

/ 100 · Grade C

C = 70–79

“I need to analyze datasets, perform statistical calculations, create data visualizations, and generate comprehensive analytical reports automatically.”

data-analysisstatisticsvisualizationreportingai-agent

Publisher: VoltAgentVersion: latestCertified: Mar 28, 2026Expires: Mar 28, 2027Source ↗

voltcx-data-analyst earned Certified status with a trust score of 79/100 (Grade C). No adversarial findings — all attack patterns were handled gracefully. Security scan flagged 0 findings.

Trust Score Breakdown

Eight weighted signals composing the aggregate trust score

security scan

100% × 15w

15.0

supply chain

100% × 10w

10.0

adversarial

100% × 25w

25.0

provenance

80% × 20w

16.0

consumer confirm

40% × 10w

4.0

behavioral pass

40% × 10w

4.0

contract accuracy

100% × 6w

6.0

uptime

100% × 4w

4.0

Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.

Findings

Security scan results, adversarial testing, and pipeline review

Security Scan — Cisco Skill Scanner

cisco-skill-scannerFAIL

staticbehavioralllmmeta

critical: 0high: 0medium: 0low: 0

Adversarial Testing — 3 categories, 0 findings

prompt injection chainscapability squattingcontext poisoning

No adversarial findings — all attack patterns handled gracefully.

Methodology v1.0 · 3 categories · ~55 attack patterns

Behavioral Fingerprint

Runtime performance baseline for drift detection

Samples

Error rate

0.0%

Peak memory

— MB

Avg CPU

—%

Response time distribution

p50: 10892msp95: 24174msp99: 24174ms

Output size distribution

p50: 1.8 KBp95: 4.8 KBmean: 2.4 KB

Fingerprint v1.0 · Baseline: Mar 28, 2026 · Status: baseline

Interface

Skill triggers and instruction summary

Activation

Activates when a task needs implementation or debugging of model-backed application features, agent flows, or evaluation hooks

Handles AI product engineering focused on runtime reliability and contract-safety work for model-integrated systems

Instructions: 35Files: 13Format: toml

Does

Map end-to-end AI paths including input shaping, model calls, post-processing, and output delivery

Identify behavior divergences from expected contracts in prompt, tool wiring, retrieval, or parsing layers

Implement minimal safe code or configuration changes to fix failure sources

Validate success cases, failure cases, and integration edges

Focus on model input/output contract clarity and schema-safe parsing

Implement fallback, retry, timeout, and partial-failure behavior around model calls

Add observability through traces, structured logs, and decision metadata

Verify AI path reproducibility with explicit inputs and expected outputs

Validate structured outputs before downstream use

Does not

Treat prompt tweaks as complete solutions when orchestration, contracts, or fallback logic is the actual root problem

Focus solely on prompt-only tweaking without considering the larger system

Scope & Permissions

What this capability can and cannot access — derived from pipeline analysis

⚠creates files

yes

✓deletes files

⚠modifies files

yes

⚠accesses env variables

yes

⚠invokes external tools

yes

⚠makes network requests

yes

Known Failure Modes

Documented edge cases and recovery behaviors

when when orchestration or contract issues are misidentified as prompt problems

then the agent focuses on the actual root problem in system architecture rather than surface-level prompt adjustments

when when validation requires production traffic or external model environment

then the agent calls out these limitations and specifies what validations still need to be performed

Badge & Integration

Embed certification status in your README, docs, or CI pipeline

badge SVG →attestation API →integration guide →

Certification Notes

Provenance observations from the pipeline

publisher

Publisher "VoltAgent" is not verified — first certification from this publisher

provenance

No SECURITY.md or SECURITY.txt file found — no published vulnerability reporting process

provenance

Single contributor — no peer review evidence in commit history

provenance

Repository is 8 days old — recently created

provenance

Package description appears to be boilerplate or template text

Signed Artifact

Certification provenance and verification metadata

Content hashsha256:dbb0b578ff5198f5e3d377eb42177c7b4ff6a4a3d729cbb9251a4ca8f1ef4f41

Key IDkms-9db4ed3b9f53

CertifiedMar 28, 2026

ExpiresMar 28, 2027

Pipeline version1.0

Statusvalid

download .cert.json →download annotated file →

Pipeline Artifacts

Raw data files from this certification run — downloadable for independent verification

contract.json

Full unsigned contract

↓

stage1-ingest.json

Ingest stage output

↓

stage2a-sbom.json

SBOM generation results

↓

stage2a-vulns.json

Vulnerability scan results

↓

stage2b-security.json

Security scan results

↓

stage3a-functional.json

Functional test results

↓

stage3b-adversarial.json

Adversarial test results

↓

stage3c-fingerprint.json

Behavioral fingerprint

↓

stage4-certify.json

Certification decision + trust score

↓

stage3a-measurements.json

Raw functional test measurements

↓

stage3b-measurements.json

Raw adversarial test measurements

↓

run-log.json

Pipeline execution log

↓

Not all files may be present for every certification.