clickhouse-data-handling

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected via database data ingestion.
      • Ingestion points: The exportUserData function in SKILL.md reads arbitrary data from the events, sessions, and purchases tables.
      • Boundary markers: None identified. Data retrieved from the database is returned directly to the agent context without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill performs database reads (client.query), deletions (client.command), and writes (client.insert).
      • Sanitization: The skill correctly uses query parameters for user-supplied inputs to prevent SQL injection, but it does not sanitize or validate the content of the data retrieved from the database before it enters the LLM's context.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 30, 2026, 02:42 PM