ecommerce-data-warehouse
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install standard data transformation packages such as
dbt-bigquery,dbt-snowflake, ordbt-redshiftvia pip. These are official packages from dbt Labs, a well-known service provider in the data analytics space. - [COMMAND_EXECUTION]: Provides standard CLI instructions for initializing and running dbt projects (
dbt init,dbt run,dbt test). These commands are essential for the primary functionality of the skill and do not involve suspicious parameters. - [DATA_EXPOSURE_AND_EXFILTRATION]: Mentions the standard configuration path for dbt credentials (
~/.dbt/profiles.yml). This is provided as instructional documentation for the user to configure their own environment and does not involve hardcoded secrets or unauthorized data access. - [PROMPT_INJECTION]: Instructions are focused on technical implementation (SQL modeling, ETL design) and do not contain patterns attempting to override agent behavior or bypass safety guidelines.
- [INDIRECT_PROMPT_INJECTION]: The skill describes processing external data from sources like Shopify and WooCommerce. While this represents a theoretical attack surface for indirect injection, the risk is assessed as low as the skill focuses on structured ETL and data warehouse modeling, which is the intended use case.
Audit Metadata