sql-query-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to process user-supplied SQL queries, which is an untrusted data source. Malicious instructions could be embedded in SQL comments to manipulate the agent.
  - Ingestion points: User-provided SQL queries via request.
  - Boundary markers: No delimiters or 'ignore' instructions are present in the skill definition.
  - Capability inventory: Allowed tools include Bash, Write, Edit, Read, and Grep, which provide a significant capability tier for a SQL optimization task.
  - Sanitization: No sanitization or validation logic is specified for the input data.
- [Command Execution] (SAFE): While the skill requests 'Bash' permissions, it contains no scripts or command strings. The risk is limited to how the agent chooses to use the tool based on user input.