skills/i9wa4/dotfiles/data-platform/Gen Agent Trust Hub

data-platform

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external data that could contain malicious instructions, creating a surface for indirect prompt injection.
  • Ingestion points: Shell output captured via tmux capture-pane (references/cloud-auth.md) and tool outputs from dbt and databricks CLI.
  • Boundary markers: No delimiters or safety warnings are used to isolate external data from the agent's instructions.
  • Capability inventory: The skill uses tmux send-keys to execute commands, performs databricks api post operations, and executes dbt run commands.
  • Sanitization: The skill lacks explicit sanitization or validation logic for data ingested from shell panes or external logs.
  • [COMMAND_EXECUTION]: The skill utilizes tmux send-keys to interact with external shell environments. This workflow allows the agent to execute commands using the user's authenticated session, which is necessary for the stated auth tasks but presents a risk if the agent is manipulated into sending unintended commands.
  • [EXTERNAL_DOWNLOADS]: Instructions include installing the jupyter-databricks-kernel package. This is a vendor-owned resource provided by the skill author to facilitate Databricks-backed notebook execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 03:17 AM
Security Audit — agent-trust-hub — data-platform