cms-migration
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional and provides a framework for interactive data modeling. It does not utilize any tools or commands that interact with the local file system, network, or external processes.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it instructs the agent to analyze user-provided data samples (JSON, CSV, or schema descriptions) in Phase 1. However, the risk is minimal as the agent's capabilities are limited to generating text-based configuration code without any automated execution or exfiltration paths.
- Ingestion points: Phase 1 in SKILL.md where the user provides data samples for analysis.
- Boundary markers: Absent.
- Capability inventory: No system-level tools or automated execution capabilities are defined or requested.
- Sanitization: No explicit instructions for sanitizing or escaping the user-provided data are included.
Audit Metadata