clickhousectl-cloud-deploy
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill downloads and executes an installation script for the clickhousectl CLI tool directly from the vendor's official domain (clickhouse.com).
- [COMMAND_EXECUTION]: The skill uses local shell commands to check for the CLI installation, perform authentication, and manage cloud service provisioning.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) by reading and applying local SQL files to a remote database. Ingestion points: SQL files in clickhouse/tables/ and clickhouse/materialized_views/ (SKILL.md). Boundary markers: Absent; the skill assumes the content of these files is trusted. Capability inventory: Execution of arbitrary queries on a remote database via clickhousectl (SKILL.md). Sanitization: None; files are passed directly to the client tool.
Audit Metadata