Skills
skills/windmill-labs/windmill-cli-docs/write-script-duckdb/Gen Agent Trust Hub

write-script-duckdb

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the wmill CLI (e.g., wmill script preview, wmill sync push, wmill generate-metadata) to perform script management and deployment tasks. These are official tools provided by the vendor, and their use is consistent with the skill's stated purpose.
  • [REMOTE_CODE_EXECUTION]: Instructions direct the agent to execute code using wmill script preview and wmill script run to test script functionality. This is a core feature of the development environment handled by the vendor's platform.
  • [EXTERNAL_DOWNLOADS]: The wmill generate-metadata command re-resolves dependencies for scripts from external registries. This is standard package management behavior intended to keep local environment locks in sync with the code.
  • [DATA_EXFILTRATION]: The skill documents patterns for connecting to external databases and S3 storage using DuckDB's native ATTACH and COPY commands. These operations leverage Windmill resources and standard cloud services for legitimate data processing tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 08:36 AM
Security Audit — agent-trust-hub — write-script-duckdb