sql-alerting-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes instructions to install the official Databricks SDK using %pip install --upgrade databricks-sdk>=0.40.0. This is a standard dependency from a trusted source.
- [PROMPT_INJECTION]: The skill's architecture relies on reading alert configurations from a Delta table to generate and deploy SQL alerts. This creates an ingestion surface for indirect prompt injection from potentially untrusted data.
  - Ingestion points: The deployment scripts read configuration data from the alert_rules table.
  - Boundary markers: No specific boundary markers are used when processing the SQL queries from the table.
  - Capability inventory: The skill uses the Databricks SDK to create alerts and spark.sql with the EXPLAIN command for query validation.
  - Sanitization: The skill implements proactive validation via the EXPLAIN command to ensure queries are syntactically correct and target valid schema objects before deployment.
- [COMMAND_EXECUTION]: The skill uses dynamic SQL execution to validate queries before they are deployed as alerts.
  - Evidence: The validate_alert_query function in SKILL.md executes spark.sql(f"EXPLAIN {query}") where query is derived from the configuration table.