ent-seed-sql-generator
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it extracts entity definitions and relationships from potentially untrusted sources like product documentation and prompt requirements.
- Ingestion points: Mixed inputs including product docs and requirements (references/model-extraction.md).
- Boundary markers: None identified.
- Capability inventory: SQL generation and optional syntax/execution checks (SKILL.md).
- Sanitization: Absent.
- [COMMAND_EXECUTION]: The skill provides a static Python shell command for bcrypt hashing within its documentation as a reference for manual development tasks (references/password-hashing.md).
Audit Metadata