byted-bytehouse-ai-query

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes execute_sql.py, which allows for the execution of arbitrary SQL queries on a ByteHouse database. This is a core feature of the skill designed for database management.
  • [EXTERNAL_DOWNLOADS]: The text2sql.py script makes outbound HTTPS POST requests to the ByteHouse API (configured via BYTEHOUSE_HOST) to translate natural language into SQL. This involves sending an authorization token (BYTEHOUSE_PASSWORD) to the specified host.
  • [COMMAND_EXECUTION]: In list_tables.py, the database name provided via the --database argument is directly interpolated into a SQL query string. This pattern is susceptible to SQL injection if the input is derived from untrusted sources without sanitization.
  • [INDIRECT_PROMPT_INJECTION]: The skill facilitates an automated Text-to-SQL pipeline which presents a potential surface for indirect prompt injection.
      1. Ingestion points: natural language query in text2sql.py.
      2. Boundary markers: None detected.
      3. Capability inventory: Arbitrary SQL execution via execute_sql.py.
      4. Sanitization: None detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 05:49 AM