Skills
skills/lensesio/agentic-engineering-for-apache-kafka/kafka-schema-review/Gen Agent Trust Hub

kafka-schema-review

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the local filesystem and remote cluster topics.
  • Ingestion points: The workflow in SKILL.md involves scanning the codebase for .avsc, .proto, and .json files and sampling live data from Kafka topics using execute_sql.
  • Boundary markers: There are no explicit delimiters (e.g., XML tags or backticks with 'ignore' instructions) defined to separate the instructions from the data being analyzed.
  • Capability inventory: The skill is configured with broad capabilities including Bash, Read, Grep, and multiple Lenses MCP tools for cluster interaction (execute_sql, get_topic_metadata).
  • Sanitization: No sanitization or validation logic is present to filter malicious content from the ingested schema definitions or data samples.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 12:43 PM