sql-helper
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes natural language input from users to generate executable-style SQL code.
- Ingestion points: User-provided query requirements, database schema descriptions, and error logs are ingested and processed in the 'Step 1: 理解需求' and 'Step 2: 编写/优化 SQL' phases.
- Boundary markers: The instructions do not implement boundary markers (such as XML tags or explicit delimiters) to isolate user-provided data from the core system instructions.
- Capability inventory: The skill's capabilities are restricted to text-based generation of SQL, DDL, and DML statements; it does not possess the capability to execute commands, access the file system, or initiate network requests.
- Sanitization: There are no internal mechanisms to sanitize or filter user input for adversarial prompt patterns before it is used to construct the final output.
Audit Metadata