orm-admin
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill package is composed entirely of Markdown files providing API documentation and does not include any executable scripts or configuration for automated execution.
- [PROMPT_INJECTION]: The skill documentation describes an interface for accessing untrusted data from 37 database tables, creating a potential surface for indirect prompt injection. 1. Ingestion points: Data retrieval operations defined across 37 tables, including
orgMemberProfile.findManyinreferences/org-member-profile.mdandorgInvite.findManyinreferences/org-invite.md. 2. Boundary markers: The documentation does not specify delimiters or instructions for the agent to ignore embedded instructions within retrieved database records. 3. Capability inventory: The ORM interface provides broad capabilities including full CRUD access to permissions and memberships, as well as S3 bucket provisioning as documented inreferences/provision-bucket.md. 4. Sanitization: No evidence of data sanitization, escaping, or validation logic is present in the API documentation.
Audit Metadata