ent-seed-sql
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE (flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a template for generating and executing a Python script at runtime via a shell heredoc (python3 - <<'PY') to create password hashes for seed data. This constitutes dynamic execution of generated code.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted inputs from prompts and external documentation to generate SQL and drive script generation.
  - Ingestion points: Documentation, demo code, and user prompts are identified as primary sources in 'SKILL.md'.
  - Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore instructions embedded in the source documents.
  - Capability inventory: The skill is authorized to execute Python scripts and perform file write operations for SQL output.
  - Sanitization: There is no evidence of validation or sanitization procedures for the external content before it is interpolated into the agent's workflow.
Audit Metadata