altinity-expert-clickhouse-grants
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill analyzes data from
system.errorsandsystem.query_logwhich can be influenced by external actors. - Ingestion points:
last_error_messagefromsystem.errorsandexceptionfromsystem.query_logare read into the agent's context. - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore or sanitize embedded instructions within these log strings.
- Capability inventory: The agent is authorized to propose SQL
GRANTstatements based on this data, which could be manipulated if an attacker can craft specific error messages. - Sanitization: No sanitization or escaping of the log content is performed before processing.
- Data Exposure (SAFE): The skill accesses database metadata including user grants, roles, and error logs. While this information is sensitive, its access is restricted to the diagnostic purpose of the skill and no exfiltration mechanisms (network calls) were detected.
Audit Metadata