Skills
skills/stahura/domo-ai-vibe-rules/magic-etl-cli/Gen Agent Trust Hub

magic-etl-cli

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions require the agent to fetch and study existing dataflow definitions from Domo using the community-domo-cli dataflows get-definition command. This creates an indirect prompt injection surface where untrusted data from the external platform is processed by the agent.
  • Ingestion points: community-domo-cli dataflows get-definition (SKILL.md)
  • Boundary markers: No delimiters or warnings are specified for the ingested JSON content.
  • Capability inventory: The skill allows for dataflow creation, modification, and execution via CLI commands.
  • Sanitization: There is no instruction for the agent to sanitize or validate the content retrieved from the external source.
  • [COMMAND_EXECUTION]: The skill primarily functions by instructing the agent to execute shell commands using the community-domo-cli tool to interact with the Domo platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 05:44 PM