databricks-spark-structured-streaming
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes instructions for using Databricks utilities like
dbutils.fs.rmanddbutils.fs.cpfor managing checkpoint files and performing recovery operations. These are standard administrative actions within the Databricks environment and are appropriately scoped to the skill's purpose of managing streaming infrastructure. - [CREDENTIALS_UNSAFE]: Security best practices are followed for credential handling. The skill explicitly demonstrates the use of
dbutils.secrets.getto retrieve Kafka credentials from a secure secrets manager rather than hardcoding them in scripts. - [INDIRECT_PROMPT_INJECTION]: The skill defines pipelines that ingest data from external sources such as Kafka and cloud storage. It identifies the necessary capabilities for these pipelines, including filesystem operations and SQL execution. While these ingestion points represent a theoretical surface for indirect injection, the provided patterns use schema-based parsing (
from_json) which serves as a standard data boundary. No exploitable vulnerabilities were identified.
Audit Metadata