Skills
skills/gierd-inc/dev-skills/oop-query-objects/Gen Agent Trust Hub

oop-query-objects

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructions and examples for creating Ruby classes to manage database queries. The examples correctly demonstrate security best practices such as using parameterized queries (e.g., where('LOWER(name) LIKE ?', term)) and whitelisting sort columns using arrays before passing them to the database.
  • [PROMPT_INJECTION]: The skill documentation addresses potential indirect injection surfaces by teaching how to process user-supplied parameters securely. Ingestion points: Untrusted data enters via the params hash in the UserFilter and ProjectFilter classes. Boundary markers: Explicit demonstration of parameterization for SQL queries. Capability inventory: Database read access via ActiveRecord relations. Sanitization: Includes code snippets for whitelisting sort columns and using placeholder syntax for LIKE clauses.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 04:50 PM
Security Audit — agent-trust-hub — oop-query-objects