Skills
skills/elihuvillaraus/skills/db-optimizer/Gen Agent Trust Hub

db-optimizer

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill includes instructions to process external data sources such as project files, logs, and git history using tools like bash and git. This creates a surface for indirect prompt injection if those sources contain malicious instructions.
  • Ingestion points: The skill reads project files, git history, and system logs via bash and git tools (SKILL.md).
  • Boundary markers: There are no explicit instructions or delimiters defined to separate user-provided data from agent instructions or to ignore embedded commands.
  • Capability inventory: The agent is granted access to high-privilege tools including bash for command execution and file system operations for reading/writing project files (SKILL.md).
  • Sanitization: No validation or sanitization of the content retrieved from external files or command outputs is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — db-optimizer