grey-haven-data-modeling
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions designed to override agent behavior or bypass safety filters were found. The skill provides clear, safe templates for code generation.
- [DATA_EXFILTRATION] (SAFE): There are no indicators of credential harvesting, access to sensitive environment files, or unauthorized network communication.
- [COMMAND_EXECUTION] (SAFE): The skill allows the use of the Bash tool for database migrations (e.g., alembic upgrade, bun run db:migrate), which is a legitimate and expected use case for this functionality.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote script downloads or piped execution patterns (e.g., curl|bash) were identified.
- [INDIRECT_PROMPT_INJECTION] (LOW): As a code generation skill, it inherently handles user-defined data descriptions. However, it mitigates risk by enforcing structured security patterns like tenant_id foreign keys and RLS policies on all generated tables.
Audit Metadata