rudder-profiles-debug
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'pb' (Profiles Binary) command-line interface for project-specific tasks such as 'compile', 'run', and 'audit'. These commands are limited to the functionality of the RudderStack Profiles tool and do not allow for arbitrary system command execution.
- [PROMPT_INJECTION]: The skill identifies external content, including CLI error messages and SQL query results, as untrusted data. It mitigates indirect prompt injection risks by instructing the agent to extract only specific technical metadata (e.g., file paths, model names, sequence numbers) needed for debugging rather than processing the entire untrusted output.
- [DATA_EXFILTRATION]: Although the skill queries data warehouses to check features like NULL rates and identity stitching ratios, these diagnostic operations are confined to the agent's context for user reporting. There are no instructions to transmit sensitive warehouse data to external domains or third-party servers.
Audit Metadata