neo4j-aura-agent-skill
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts exclusively with official Neo4j infrastructure (api.neo4j.io) and uses standard OAuth2 flows for authentication.
- [SAFE]: Sensitive information such as API credentials and database passwords is handled via environment variables, with explicit instructions to exclude them from version control using .gitignore.
- [SAFE]: All included Python scripts perform legitimate management and data-retrieval tasks as described in the documentation, with no evidence of remote code execution or unauthorized data exfiltration.
- [SAFE]: While the skill handles data from external sources (AuraDB) to configure an agent, it provides comprehensive documentation on establishing system prompt boundaries and uncertainty handling to mitigate indirect prompt injection risks.
Audit Metadata