spring-data-neo4j
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by retrieving and processing data from an external Neo4j database. 1. Ingestion points: Data enters the agent context through repository methods and Cypher queries defined in SKILL.md and references/examples.md (e.g., findByTitle, searchByTitle). 2. Boundary markers: The skill does not provide specific instructions or markers to isolate database-retrieved content from the agent's command instructions. 3. Capability inventory: Frontmatter configuration allows the use of Bash, Write, and Edit tools. 4. Sanitization: The skill mitigates database-level injection by recommending the use of parameterized Cypher queries with the $param syntax.
- [SAFE]: The skill consists of standard documentation and code snippets for software development. It follows industry best practices for Java and Spring Boot development, including constructor injection and entity immutability.
- [SAFE]: All external documentation links refer to official Spring Framework and Neo4j resources.
Audit Metadata