databricks-config

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the databricks CLI to perform authentication, interpolating user-provided values like the profile name directly into shell commands. This pattern can lead to arbitrary command execution if the input is not strictly validated.
  • [CREDENTIALS_UNSAFE]: The skill reads and modifies ~/.databrickscfg, which contains sensitive authentication tokens. Although the skill includes instructions to redact these tokens in the agent's response, the skill itself possesses full access to the credentials.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
      • Ingestion points: User-provided parameters profile_name and workspace_host in SKILL.md.
      • Boundary markers: None identified.
      • Capability inventory: Subprocess execution via databricks auth login and filesystem access to ~/.databrickscfg.
      • Sanitization: There is logic to extract strings from URLs, but no explicit sanitization for profile names used in command arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 11:05 PM