dbt-transforms
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to ingest and process user-provided dbt project artifacts to generate code and configurations.
  - Ingestion points: Processes user-provided SQL model files and YAML configuration files (e.g., _sources.yml, _models.yml) as mentioned in SKILL.md and multiple reference files.
  - Boundary markers: Absent. The skill's instructions do not define specific delimiters or ignore-instructions markers for data read from external project files.
  - Capability inventory: The skill can generate complex SQL logic, dbt CLI commands, and automated CI/CD workflow configurations across all reference guides.
  - Sanitization: Absent. There are no instructions for sanitizing or escaping user-provided project content before it is used by the agent to generate new code.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of dbt adapter packages and utility packages from standard registries.
  - Evidence: The skill suggests installing dbt-snowflake, dbt-bigquery, and dbt-duckdb via pip in ci-cd-deployment.md, consulting-workflow.md, and duckdb-adapter.md. It also references the use of well-known community packages like dbt-utils and dbt-expectations in jinja-macros-packages.md.
- [COMMAND_EXECUTION]: Instructs the agent on the use of standard dbt CLI commands to manage the data transformation lifecycle.
  - Evidence: References to dbt build, dbt run, dbt test, and dbt compile are found throughout SKILL.md and the reference documents as standard operational procedures for dbt projects.