oceanbase-sql-doc
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill consists entirely of instructional content for technical writing and documentation formatting. There are no attempts to override system prompts, bypass safety filters, or use role-play for jailbreaking.
- [Data Exposure & Exfiltration] (SAFE): No credentials, sensitive file paths, or network exfiltration patterns were found. The domain-specific examples (e.g., obclient prompts) are illustrative and do not involve real data movement.
- [Obfuscation] (SAFE): The document is written in plain Markdown and HTML for styling. No Base64, zero-width characters, or encoded commands are present.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages (npm, pip) are referenced for installation. There are no remote script execution patterns (e.g., curl | bash).
- [Command Execution] (SAFE): The skill does not contain any shell commands, subprocess calls, or system-level operations. SQL code blocks are for documentation display only.
- [Privilege Escalation & Persistence] (SAFE): No commands related to privilege escalation (sudo) or persistence mechanisms (cron, startup scripts) are present.
- [Indirect Prompt Injection] (SAFE): While the skill defines formats for processing documentation content, it does not involve the ingestion of untrusted external data or the use of exploitable tools.
Audit Metadata