migrate-while-active
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns were identified. The skill correctly uses environment variables for sensitive database credentials and parameter binding in SQL queries to prevent injection attacks.
- [CREDENTIALS_UNSAFE]: The database connection configuration in
tools/migrate-while-active.yamlincludesignore-unauthorized: true, which disables SSL/TLS certificate validation. While common in internal environments with self-signed certificates, this can expose data to man-in-the-middle attacks on untrusted networks. - [PROMPT_INJECTION]: The skill ingests data from a remote system, creating a potential surface for indirect prompt injection via system metadata.
- Ingestion points: Results from SQL queries in
tools/migrate-while-active.yamlandreferences/migrate-while-active-examples.sql. - Boundary markers: None present in the prompt templates.
- Capability inventory: Limited to read-only SQL operations.
- Sanitization: SQL parameter binding is used for tool inputs.
Audit Metadata