universal-captp-derivation
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Python one-liners (e.g.,
python3 -c "import duckdb; ...") to query and display data from local database files such asculture_evolution.duckdbandgh_interactome.duckdb. - [DATA_EXPOSURE]: The skill performs
SELECT *operations on multiple database tables, includingderivation_chains,expert_triads, andnow_superposition, printing the results to the agent's context. This is the intended functional behavior of the skill for capability analysis. - [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external database files (
culture_evolution.duckdb,gh_interactome.duckdb) into the agent's context. - Ingestion points: Local DuckDB database files accessed via Python commands in
SKILL.md. - Boundary markers: Absent; data is printed directly to standard output.
- Capability inventory: Python shell execution with DuckDB read access.
- Sanitization: No explicit filtering or sanitization is performed on the database contents before processing.
Audit Metadata