golang-database
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's 'Review/debug mode' instructs the agent to audit existing codebase files for database-related issues. This functionality creates an attack surface for indirect prompt injection, as malicious instructions could be embedded within the project's source code files that the agent processes.
- Ingestion points: Local source code files accessed via `Read`, `Glob`, and `Grep` tools as described in the 'Modes' section of `SKILL.md`.
- Boundary markers: Absent. The instructions do not define specific delimiters or warnings to prevent the agent from executing instructions found within the code being analyzed.
- Capability inventory: The skill has the ability to execute shell commands via `Bash(go:*)`, `Bash(golangci-lint:*)`, and `Bash(git:*)`, as well as perform file modifications using the `Edit` and `Write` tools in `SKILL.md`.
- Sanitization: Absent. There is no mechanism described to sanitize or filter the content of ingested files before they are processed by the agent.
Audit Metadata