database
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of data from external databases, creating a potential surface for indirect prompt injection.\n
- Ingestion points: Results returned by
database::queryanddatabase::transactionQuery(SKILL.md).\n - Boundary markers: Documentation does not specify delimiters or explicit instructions for isolating retrieved data from agent context.\n
- Capability inventory: Includes database modification functions (
database::execute,database::transactionExecute) and access to other workers within the platform environment.\n - Sanitization: Correctly uses parameterized SQL for input, but no defined sanitization or escaping procedures for data retrieved from the database before it is processed.
Audit Metadata