skills/dnd-mapp/ai-standards/prisma/Gen Agent Trust Hub

prisma

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines a set of commands using pnpm exec prisma to manage database migrations, schema formatting, and client generation. While these are standard development operations, they grant the agent the ability to modify local database states and execute CLI tools.
  • [DATA_EXFILTRATION]: The instructions require the agent to read .env and .env.template files to verify datasource configurations. While necessary for Prisma's functionality, these files are classified as sensitive file paths because they often contain database credentials and secrets.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is instructed to read and interpret external project files such as the Prisma schema and migration history.
    • Ingestion points: prisma/schema.prisma, prisma/migrations/, prisma/seed.ts (referenced in SKILL.md)
    • Boundary markers: No delimiters or specific warnings are used when the agent reads these files to prevent it from obeying instructions embedded in schema comments or migration files.
    • Capability inventory: The agent has the ability to execute shell commands (pnpm exec prisma) and modify files in the repository.
    • Sanitization: There is no instruction to validate or sanitize the content of the schema or migration files before the agent acts upon them.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 02:50 PM