cte-query-builder
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists solely of markdown metadata and documentation with no associated scripts or configuration files.
- [SAFE] (SAFE): Analysis of the markdown content revealed no signs of obfuscation, hardcoded credentials, or malicious prompt injection patterns.
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted user data for data analytics tasks.
- Ingestion points: User requests involving 'cte query builder' patterns or data analytics questions.
- Boundary markers: No delimiters or 'ignore' instructions are provided to separate user inputs from agent instructions.
- Capability inventory: The skill authorizes the use of powerful tools including Bash, Write, Edit, Read, and Grep.
- Sanitization: No sanitization or validation logic is defined to mitigate the risk of instructions embedded within user-provided schemas or requirements.
Audit Metadata