databricks-agent-bricks
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill documents the management of data within Unity Catalog Volumes and Tables. It includes SQL examples for creating external connections that use standard placeholders for sensitive credentials such as client IDs and secrets. These are instructional templates and do not expose actual sensitive data.
- [INDIRECT_PROMPT_INJECTION]: The skill establishes an environment for processing external data through Retrieval-Augmented Generation (RAG) and multi-agent routing. This creates a surface where instructions embedded in processed documents or database records could potentially influence agent behavior. The documentation provides best practices for instructions and routing to mitigate these risks.
- [COMMAND_EXECUTION]: The skill uses administrative tools (
manage_ka,manage_mas,manage_genie) to provision and configure model serving endpoints and agent tiles. All operations are confined to the Databricks platform's intended management APIs.
Audit Metadata