process-db-report
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection discovered in the report analysis workflow.
  - Ingestion points: Database observability reports pasted into the chat context (SKILL.md).
  - Boundary markers: Absent; no specific delimiters or instruction-ignore warnings are used to wrap the ingested report data.
  - Capability inventory: Generation of TypeScript schema code for `packages/db/src/schema.ts` and suggestions to execute shell commands (SKILL.md).
  - Sanitization: Absent; the skill does not perform validation or escaping of the ingested report content before utilizing it in code generation.
- [COMMAND_EXECUTION]: The skill recommends the execution of shell commands `bun run db:generate` and `bun run db:migrate` to apply database schema changes.
Audit Metadata