byted-bytehouse-slow-query

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill executes an MCP server directly from a remote GitHub repository using the uvx tool within slow_query_analyzer.py. This code originates from the official Volcano Engine (ByteDance) repository and is used to facilitate database communication.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the necessary database interface components from github.com/volcengine/mcp-server at runtime. This is part of the standard installation and execution flow for this vendor's tools.
  • [COMMAND_EXECUTION]: The script invokes the uvx command-line utility to provision and run the ByteHouse MCP server as a subprocess.
  • [PROMPT_INJECTION]: The skill processes untrusted SQL query data from database logs, which represents a surface for indirect prompt injection.
      • Ingestion points: Data is read from the system.query_log table in slow_query_analyzer.py via the run_select_query tool.
      • Boundary markers: No specific boundary markers are used to encapsulate the query text in the output.
      • Capability inventory: The skill can execute SQL queries and write JSON files to the local output/ directory.
      • Sanitization: No sanitization or filtering of the retrieved SQL query text is performed before it is included in the analysis reports.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 10:46 AM