db-table-best-practice
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is designed to ingest and act upon untrusted external data (source code files) while maintaining the capability to modify the filesystem ('自动修正...直接修改文件'). Malicious instructions hidden within the target database schema files could potentially influence the agent's behavior during the review process.
- Ingestion points: The skill targets and reads external TypeScript files containing database schema definitions for review.
- Boundary markers: Absent. There are no specified delimiters or instructions to help the agent distinguish between schema data and potential embedded instructions.
- Capability inventory: The skill explicitly grants the agent the authority to modify files on the filesystem to enforce compliance.
- Sanitization: Absent. The skill does not describe any validation or filtering of input content to prevent the execution of instructions embedded in comments or strings within the code.
Audit Metadata