Oracle ADK Expert
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is an informational guide for Oracle's ADK. The code snippets provided follow standard practices for OCI development and enterprise application integration.
- [DATA_EXFILTRATION]: The instructions reference the default OCI configuration file path (~/.oci/config) for authentication purposes. This is the standard and intended method for the OCI SDK to access credentials locally for legitimate development tasks.
- [PROMPT_INJECTION]: The skill outlines patterns for agents to process external data from user inputs via FastAPI and Slack. This introduces a surface for indirect prompt injection; however, the skill explicitly provides remediation guidance in its final quality checklist, recommending input validation and SQL injection prevention.
- Ingestion points: User messages received through FastAPI endpoints and Slack event handlers described in SKILL.md.
- Boundary markers: Not present in code snippets but recommended as a mandatory step in the skill's quality checklist.
- Capability inventory: Agents are shown interacting with OCI Object Storage and Autonomous Database via the oci and oci_adk libraries.
- Sanitization: The skill's checklist specifically mandates input validation and the use of parameterized queries to prevent injection attacks.
Audit Metadata