ontology-stack-builder
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is developed by Snowflake-Labs, a trusted vendor, and its behavior is entirely consistent with its purpose of automating Snowflake infrastructure deployment.
- [COMMAND_EXECUTION]: The skill executes local Python scripts using
uv runfor tasks like schema introspection, ontology parsing, and SQL generation. These operations occur within the local environment and are used to process user-provided data into deployment artifacts. - [EXTERNAL_DOWNLOADS]: The skill defines standard, verifiable Python dependencies (rdflib, pyyaml, streamlit) in its
pyproject.tomlfile. These are well-known libraries from official registries and do not represent a security risk in this context. - [INDIRECT_PROMPT_INJECTION]: The skill processes external data (Snowflake schema metadata and OWL ontology files). While this presents a potential attack surface, the risk is mitigated by the fact that the skill is used in a developer-centric workflow with explicit confirmation gates at every phase (e.g., Phase 4 requires SQL review before deployment).
Audit Metadata