restricted-bigquery-dbt-environment
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies (MEDIUM): The skill installs packages using 'uv pip install --requirement pyproject.toml'. Since the pyproject.toml file is external to the skill, the dependencies are unverifiable and could lead to malicious code execution if the local environment is compromised.
- Command Execution (SAFE): The skill executes dbt commands using 'uv run'. While intended for its core function, these provide a command execution surface.
- Data Exposure (MEDIUM): The skill references the '~/.dbt' directory which holds sensitive authentication profiles. This is downgraded from HIGH because it is essential for the skill's primary purpose.
- Prompt Injection (LOW): The skill contains a directive to 'respond humorously in character' which attempts to influence the AI's behavior outside of the technical task.
Audit Metadata