drizzle-orm-rules
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill mandates the execution of a shell command 'cat .claude/context/memory/learnings.md' as part of its 'Memory Protocol'. While used for context management, this establishes a pattern of executing shell commands to read local file system contents.
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data in the form of user-provided source code for review and refactoring.
- Ingestion points: User-provided code snippets for Drizzle ORM review as seen in SKILL.md.
- Boundary markers: Absent. No instructions are provided to the agent to ignore or isolate instructions embedded within the code being reviewed.
- Capability inventory: The skill has access to Read, Write, and Edit tools as defined in the YAML frontmatter of SKILL.md.
- Sanitization: Absent. There is no evidence of validation or filtering of the input code before processing.
- Risk: A malicious user could provide code containing indirect prompt injections that, if followed, could cause the agent to misuse its Write or Edit capabilities on the local filesystem.
Audit Metadata