database-schema-designer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No malicious override or bypass instructions were detected in the README or checklists. The instructions focus entirely on database design methodology.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns are present. The skill operates purely on the provided user context.
- Remote Code Execution & Dependencies (SAFE): The skill does not perform any external downloads or execute remote scripts. It uses a static SQL template for output generation.
- Indirect Prompt Injection (LOW):
- Ingestion points: User-provided domain names and table descriptions used in commands like
design schema for {domain}. - Boundary markers: None explicitly defined in the provided templates.
- Capability inventory: No execution capabilities (subprocess, eval, file-write) are present in the skill files.
- Sanitization: Not present, but since the output is purely text for the user to review, the risk of automated exploitation is minimal.
- Persistence & Privilege Escalation (SAFE): No attempts to modify system configurations, startup scripts, or acquire elevated permissions were found.
Audit Metadata