Skills
skills/withcoral/skills/coral/Gen Agent Trust Hub

coral

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the coral sql CLI tool to execute queries. This command execution is the primary mechanism for the skill's intended functionality of data retrieval.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external, potentially attacker-controlled sources (e.g., GitHub, Slack, Linear, Datadog, Sentry).
  • Ingestion points: External data is ingested into the agent's context through queries executed against various schemas and table functions in SKILL.md.
  • Boundary markers: The instructions do not provide boundary markers or delimiters to separate the untrusted data from the system instructions.
  • Capability inventory: The skill has the capability to execute shell commands using the coral CLI.
  • Sanitization: No sanitization, escaping, or validation of the retrieved data is mentioned before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 07:31 PM