Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/dbt-model-generator/Gen Agent Trust Hub

dbt-model-generator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is designed to process external content (dbt models and data pipeline requests) while possessing high-privilege capabilities including Bash, Write, and Edit tool access. This creates a significant vulnerability surface where instructions hidden in untrusted data could be executed with the agent's permissions.
  • Ingestion points: User requests containing dbt model definitions or patterns.
  • Boundary markers: Absent; no instructions are provided to the agent to treat external data as untrusted or to ignore embedded instructions.
  • Capability inventory: Access to Bash (command execution), Write/Edit (file system modification), and Read/Grep (data exposure).
  • Sanitization: Absent; no logic is provided to validate or sanitize inputs before they are processed by high-privilege tools.
  • [No Code] (LOW): This is a metadata-only skill consisting exclusively of the SKILL.md configuration file. While no malicious scripts are included in the package itself, the requested tool permissions are excessive for a skill providing only instructional guidance.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:40 PM