skills/jeremylongshore/claude-code-plugins-plus-skills/databricks-webhooks-events/Gen Agent Trust Hub
databricks-webhooks-events
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests permission for the
Bash(databricks:*)tool, which enables the agent to interact with the Databricks CLI to configure workspace settings, manage jobs, and handle security destinations. - [PROMPT_INJECTION]: The
webhook_handler/app.pyscript presents a surface for indirect prompt injection via external webhook payloads. - Ingestion points: Untrusted data enters the handler via
request.jsonat the/databricks/webhookendpoint. - Boundary markers: The code example does not use delimiters or provide instructions to isolate embedded commands from the payload data.
- Capability inventory: The skill has access to
Bash(databricks:*),Write, andEdittools. - Sanitization: The handler performs minimal sanitization, such as truncating error messages to 500 characters, but does not escape or validate text or URL fields before using them in notification blocks.
Audit Metadata