odoo-perf
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill actively promotes security best practices by providing explicit warnings against SQL injection. It repeatedly instructs developers to use parameterized queries with
self.env.cr.executeand specifically warns against using f-strings or direct string formatting for SQL operations.\n- [COMMAND_EXECUTION]: The instructions guide the agent to use theodoo-aiCLI tool (specifically thetracecommand) to measure SQL query counts and profile execution paths. This is presented as a legitimate tool for performance analysis within an Odoo environment.\n- [PROMPT_INJECTION]: While the skill involves analyzing Odoo code and metadata which could be considered external data, there are no instructions present that attempt to override safety filters, extract system prompts, or bypass agent constraints.
Audit Metadata