database-design

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill's architecture creates a high-risk surface by processing untrusted external data while possessing file modification permissions.
  • Ingestion points: The scripts/schema_validator.py script identifies and reads user project files using pathlib.Path.glob (Line 38) and read_text (Line 55).
  • Boundary markers: There are no boundary markers, delimiters, or explicit instructions to ignore embedded commands within the processed schema files.
  • Capability inventory: According to SKILL.md, the skill is granted Read, Write, Edit, Glob, and Grep permissions.
  • Sanitization: No sanitization, escaping, or schema validation of external content is performed; the script uses raw regular expression matching on the untrusted file content.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 05:23 AM