ai-querying-databases

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is instructional and follows security best practices for handling database access. It explicitly instructs the user to use read-only database credentials and implement validation logic to prevent unauthorized data modifications.
  • [COMMAND_EXECUTION]: The skill generates and executes SQL queries based on natural language input. This risk is effectively mitigated by the included validate_sql function, which uses sqlparse and keyword matching to block dangerous operations such as DROP, DELETE, ALTER, and TRUNCATE, ensuring only SELECT statements are executed.
  • [DATA_EXFILTRATION]: The skill facilitates data retrieval from a database. To prevent large-scale data exposure, it provides code to automatically append LIMIT clauses to all queries and recommends the use of table allow-lists to restrict the AI's visibility to specific, non-sensitive tables.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 06:45 PM