SQLite Database Expert
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends several standard libraries for Node.js, Rust, and Python, including @libsql/client, better-sqlite3, rusqlite, and pytest. These are well-known packages for database interaction and testing.
- [COMMAND_EXECUTION]: Provides templates for executing database configuration commands (PRAGMAs) and schema migrations to manage local or remote databases.
- [DATA_EXFILTRATION]: Mentions the use of sensitive environment variables like TURSO_AUTH_TOKEN and TURSO_DATABASE_URL to authenticate with remote Turso database instances.
- [PROMPT_INJECTION]: Employs strong instructional language (e.g., 'CRITICAL', 'MANDATORY READING') to ensure the agent follows security protocols and reads security-specific reference files before implementation.
- [INDIRECT_PROMPT_INJECTION]: The skill inherently manages a vulnerability surface by facilitating the processing of untrusted input into SQL queries.
  - Ingestion points: User input processed in functions like search_users, get_user_by_id, and migration runners in SKILL.md.
  - Boundary markers: Includes explicit instructions to treat user data separately from query logic via parameterization.
  - Capability inventory: Extensive database read/write capabilities, schema management, and network connectivity to cloud database providers.
  - Sanitization: Strictly enforces parameterized queries, whitelisting for dynamic column selection, and validation using database constraints.
Audit Metadata