tidewave

Warn

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The project_eval tool allows the AI agent to execute arbitrary Elixir code directly within the running application environment. Similarly, the execute_sql_query tool permits the execution of arbitrary SQL statements against the application's database.
  • [EXTERNAL_DOWNLOADS]: The documentation instructs users to install tools from the Hex package registry and refers to the vendor's website (tidewave.ai) for downloading a standalone desktop application.
  • [DATA_EXFILTRATION]: Multiple tools provide access to sensitive project information, including get_logs (server log access), get_ecto_schemas (database schema mapping), and execute_sql_query (raw database data retrieval).
  • [PROMPT_INJECTION]: The get_logs tool introduces a surface for indirect prompt injection.
      • Ingestion points: Server logs, which can contain untrusted user-supplied data (e.g., from web requests), are ingested via the get_logs tool.
      • Boundary markers: Absent; the skill does not define specific delimiters or instructions to treat log data as untrusted.
      • Capability inventory: The skill grants full code execution (project_eval) and database access (execute_sql_query).
      • Sanitization: Absent; server logs are processed directly without sanitization for embedded instructions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 20, 2026, 01:24 AM