Skills
skills/famaoai-creator/gemini-skills/db-extractor/Gen Agent Trust Hub

db-extractor

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface (Category 8) because it executes arbitrary SQL commands provided via the query argument.
  • Ingestion points: The query and db arguments in src/index.ts are entry points for data that may be influenced by untrusted external sources during an agent session.
  • Boundary markers: The skill does not implement boundary markers or instructions to the agent to disregard embedded commands in the SQL input.
  • Capability inventory: The skill utilizes the sqlite3 library to execute database queries (src/lib.ts) and can persist results to the local filesystem using safeWriteFile from the @agent/core package (src/index.ts).
  • Sanitization: There is no input validation or SQL sanitization performed on the query parameter, allowing for the execution of any valid SQLite command (e.g., ATTACH DATABASE, PRAGMA statements) if the agent is coerced into generating them.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 11:51 PM