Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/databricks-migration-deep-dive/Gen Agent Trust Hub

databricks-migration-deep-dive

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected in migration functions. Ingestion points: convert_oozie_to_databricks_job and convert_spark_job_to_databricks in SKILL.md ingest Oozie XML and Spark source code. Boundary markers: None present. Capability inventory: Includes Bash(databricks:*), Write, and Edit. Sanitization: No sanitization or validation of input data detected.
  • [COMMAND_EXECUTION]: Insecure XML parsing in scripts/pipeline_migration.py using xml.etree.ElementTree, which is vulnerable to XML External Entity (XXE) attacks.
  • [COMMAND_EXECUTION]: Potential SQL injection in scripts/data_migration.py and scripts/migration_assessment.py due to string interpolation in Spark SQL queries.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 12:43 AM