entity-stream-queries
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily documentation-based and does not contain any executable code that performs malicious actions. It instructs users on how to query internal database collections using established patterns.
- [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection as it facilitates querying collections that ingest untrusted external data. Ingestion points: Built-in collections like inbox, texts, and textDeltas in references/collections.md store data from external or system messages. Boundary markers: No specific boundary markers or 'ignore' instructions are documented in the query examples. Capability inventory: The examples in references/common-queries.md demonstrate that query results can trigger actions like ctx.send or ctx.spawn. Sanitization: No data sanitization or validation is mentioned for processing the queried content before subsequent use.
Audit Metadata