dbt
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill serves as a documentation guide for the dbt CLI tool.
- [DATA_EXPOSURE]: The skill correctly identifies the risk of credential exposure and explicitly recommends using environment variables (e.g.,
env_var('SNOWFLAKE_PASSWORD')) to manage sensitive data in configuration files likeprofiles.yml. - [COMMAND_EXECUTION]: While the skill describes executing shell commands via
subprocessin Python, these are standard usage patterns for wrapping the dbt CLI and do not involve unsanitized user input or execution of remote, untrusted scripts. - [EXTERNAL_DOWNLOADS]: The skill mentions dbt packages and dbt hub, which is the official and well-known package registry for the tool, posing no significant security risk in this context.
Audit Metadata