airtable-master
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (LOW): The scripts
discover_bases.pyandquery_records.pyaccess the local.envfile to retrieve theAIRTABLE_API_KEY. While this is the intended configuration mechanism, the access to sensitive files like.envis noted. - Indirect Prompt Injection (LOW): This skill ingests and processes untrusted data from the Airtable API. Ingestion points: Untrusted data enters via API responses in
query_records.py(record fields) anddiscover_bases.py(metadata). Boundary markers: None are implemented to distinguish external content from instructions. Capability inventory: The skill usesrequests.getfor network communication andyaml.dumpto write data to local cache files. Sanitization: No explicit sanitization or validation of external field content is performed before it is added to the agent's context.
Audit Metadata