database-design
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists primarily of markdown documentation and a Python utility script intended for local schema validation. The script analyzes file naming conventions and schema structure without executing external code or performing network operations.
- [PROMPT_INJECTION]: The skill identifies and processes external schema files (.prisma, .ts), which presents a surface for indirect prompt injection if those files contain malicious instructions disguised as comments or data.
- Ingestion points: The
schema_validator.pyscript and the agent's file tools read content from the local project path. - Boundary markers: No explicit XML delimiters or specific boundary instructions are used when interpolating file content into the agent's context.
- Capability inventory: The skill includes
Read,Write,Edit,Glob, andGreptools, which allow the agent to modify the project based on its findings. - Sanitization: There is no specific sanitization of the contents read from schema files to prevent instructions from influencing agent behavior.
Audit Metadata