databricks-query
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [NO_CODE]: The skill package consists entirely of Markdown documentation and SQL examples. No executable scripts, binaries, or dependency files are present.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external Databricks tables, creating an indirect prompt injection surface.
  * Ingestion points: Results from SQL queries executed against Databricks tables (SKILL.md).
  * Boundary markers: The skill does not specify any delimiters or safety instructions to prevent the agent from following commands embedded in the database data.
  * Capability inventory: The agent is granted the capability to execute complex SQL queries and metadata operations through the DBSQL MCP server.
  * Sanitization: There is no mechanism described for sanitizing or escaping content retrieved from the database prior to its presentation to the LLM.