database-query-profiler
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): A vulnerability surface exists because the skill is designed to ingest and profile untrusted data (database queries). 1. Ingestion points: Database queries and logs (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Bash, Read, Write, Edit (SKILL.md). 4. Sanitization: Absent.
- Command Execution (SAFE): The skill manifest requests access to the
Bashtool. While no malicious commands or scripts are included in the provided file, the capability allows for potential system interaction that should be monitored at runtime. - SAFE (SAFE): No evidence of obfuscation, hardcoded credentials, or persistence mechanisms was found in the analyzed file.
Audit Metadata