altinity-expert-clickhouse-ingestion
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists of SQL diagnostic queries and instructional documentation. No suspicious patterns, such as obfuscation, persistence, or privilege escalation, were detected.
- [DATA_EXPOSURE] (LOW): The skill accesses
system.query_logandsystem.text_log. These tables can contain full query strings or error messages which might include sensitive data if the source application does not use parameterized queries. This is an inherent risk of database diagnostic tools but is considered acceptable within the context of ClickHouse administration. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests data from database logs, which are potentially attacker-influenced. An attacker who can execute queries on the ClickHouse cluster could attempt to inject malicious instructions into the logs. However, the skill lacks dangerous capabilities (like shell execution or network access) to exploit such an injection. \n
- Ingestion points:
system.query_log,system.text_log,system.processes(checks.sql) \n - Boundary markers: Absent \n
- Capability inventory: SQL SELECT operations on system tables. No file-write, network-out, or subprocess capabilities. \n
- Sanitization: Absent
Audit Metadata