optimizing-query-by-id
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its data processing workflow.
- Ingestion points: The skill instructs the agent to fetch query_text from the INFORMATION_SCHEMA.QUERY_HISTORY() table (SKILL.md).
- Boundary markers: There are no explicit delimiters or 'ignore' instructions provided to prevent the agent from following commands that might be embedded within the retrieved SQL text.
- Capability inventory: The skill involves executing SQL queries and analyzing query profiles via the agent's Snowflake connection.
- Sanitization: No sanitization or escaping of the retrieved query text is mentioned before the agent analyzes it for optimization.
- Data Exposure (SAFE): The skill accesses Snowflake query history and performance metrics. While this involves sensitive metadata, it is consistent with the skill's primary purpose of database optimization and no external exfiltration was detected.
- Remote Code Execution (SAFE): No external dependencies, package installations, or remote script executions were found in the instructions.
Audit Metadata