odata-execution

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation for the dxs CLI tool, which is a vendor resource associated with the author 'datex'. The tool is used to interact with the Footprint API.
  • [COMMAND_EXECUTION]: The skill instructs the agent on how to execute shell commands using the dxs tool. It includes security best practices, such as using single quotes ('...') for query strings to prevent the shell from expanding the $ character used in OData system variables (e.g., $select, $expand).
  • [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill interacts with API connections via a Connection ID, it does so through the vendor's own CLI tool for the intended purpose of query development. No unauthorized data access or external exfiltration patterns were identified.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests entity names and properties from the conversation context or schema explorers to build queries.
      • Ingestion points: Entity metadata and field names from the conversation context or schema-explorer.
      • Boundary markers: None explicitly defined for the input data.
      • Capability inventory: Execution of the dxs odata execute CLI command.
      • Sanitization: The skill recommends strict use of single quotes to prevent shell command injection or variable expansion during command construction. Given the controlled nature of OData query syntax and the provided mitigations, the risk is negligible.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 07:44 PM