exasol-database
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The `exapump-reference.md` file includes an installation command that fetches and executes a shell script directly from a remote URL: `curl -fsSL https://raw.githubusercontent.com/exasol-labs/exapump/main/install.sh | sh`. This is a vendor-owned resource but represents a remote code execution pattern.
- [COMMAND_EXECUTION]: The skill uses the `exapump` CLI tool via system commands to interact with the database, including `exapump sql`, `exapump upload`, and `exapump export`.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes data from external sources (database results and local files) without explicit sanitization or boundary markers.
  1. Ingestion points: Database query results returned by `exapump sql` and files processed by `exapump upload`.
  2. Boundary markers: No delimiters or instructions are used to separate data from instructions.
  3. Capability inventory: The agent can execute arbitrary database commands and file operations via the `exapump` CLI.
  4. Sanitization: None present.
Audit Metadata