byted-bytehouse-multimodal-search
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The `scripts/search_client.py` file builds SQL queries using string interpolation (f-strings) for parameters like `table_name` and `filter_condition`. This approach is vulnerable to SQL injection if inputs are controlled by untrusted actors, potentially allowing the execution of unauthorized database commands.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by consuming external text and URLs to generate embeddings and perform searches.
  - Ingestion points: Processes text and URLs in `scripts/embedding.py` and search parameters in `scripts/search_client.py`.
  - Boundary markers: The implementation lacks markers or instructions to isolate or ignore malicious content within processed data.
  - Capability inventory: The skill can perform database read/write operations and make network requests.
  - Sanitization: There is no validation or sanitization of input data before it influences embedding generation or SQL construction.
Audit Metadata