anomaly-detection
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python scripts (
scripts/enable_anomaly_detection.pyandscripts/query_results.py) that perform administrative actions within the Databricks environment, such as creating or deleting schema-level monitors and executing SQL queries against system tables.\n- [PROMPT_INJECTION]: Thescripts/query_results.pyscript exhibits a vulnerability to indirect prompt injection (SQL injection) by interpolating catalog and schema names directly into SQL strings. While common in administrative tools, it presents a risk if the parameters are sourced from untrusted data.\n - Ingestion points:
catalogandschemaparameters inscripts/query_results.pyandscripts/enable_anomaly_detection.py.\n - Boundary markers: None identified.\n
- Capability inventory: Ability to execute high-privilege SQL queries via
spark.sql()and manage monitors via the Databricks SDK.\n - Sanitization: None; uses direct f-string interpolation for query construction.\n- [EXTERNAL_DOWNLOADS]: The skill references configuration and method signatures from Databricks' official SDK repository and documentation on ReadTheDocs. These are recognized as trusted vendor sources.
Audit Metadata