Create database migration
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands via
yarnto automate the creation of database migration files (yarn migrate:create), execution of migrations (yarn knex-migrator), and running of integrity and unit tests (yarn test:single,yarn test:unit). These commands are standard for the Ghost development environment. - [PROMPT_INJECTION]: The skill interpolates user-controlled data, specifically
<kebab-case-slug>and{version directory}, directly into shell commands. This creates an indirect prompt injection surface where a malicious user could attempt command injection, although the instructions specify a required kebab-case format. - Ingestion points: User-provided slug and version directory in
SKILL.md. - Boundary markers: None present.
- Capability inventory: Subprocess execution of
yarncommands. - Sanitization: None explicitly enforced beyond instructional requirements for format.
Audit Metadata