Skills
skills/canner/wren-engine/wren-generate-mdl/Gen Agent Trust Hub

wren-generate-mdl

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches a version configuration file from the vendor's official GitHub repository (raw.githubusercontent.com/Canner/wren-engine/main/skills/versions.json) to verify if the skill is up to date.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the wren CLI and various database-specific drivers (such as psycopg, google-cloud-bigquery, or snowflake-connector-python) to perform database discovery and file system operations.
  • [DATA_EXFILTRATION]: The skill ingests database schema information (tables, columns, types, and constraints). This involves reading metadata from the user's database environment, which is the primary intended function of the skill for project scaffolding.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it processes untrusted metadata from external databases (table names, descriptions) and interpolates them into YAML files. While there are no explicit sanitization instructions, this behavior is standard for database modeling tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 01:02 PM