Skills
skills/allthingsida/idasql-skills/storage/Gen Agent Trust Hub

storage

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface detected via the storage retrieval mechanism.
  • Ingestion points: Data retrieved from the netnode_kv table via SQL queries (e.g., SELECT value FROM netnode_kv) in SKILL.md enters the agent's context.
  • Boundary markers: The skill does not provide delimiters or specific instructions for the agent to treat retrieved storage values as untrusted external data.
  • Capability inventory: The skill grants access to the Bash tool as defined in the YAML frontmatter, providing an execution path if the agent obeys instructions injected into the storage.
  • Sanitization: There is no documented validation or sanitization of the retrieved value strings before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 05:24 AM