sql-transform-helper
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is intended to assist with data pipelines and SQL transformations, which involves processing external code or configurations. Given its access to sensitive tools like
Bash,Write, andEdit, it possesses a vulnerability surface for indirect prompt injection.\n - Ingestion points: SQL transformation scripts, ETL patterns, and pipeline configurations processed by the agent.\n
- Boundary markers: None specified to delimit untrusted data from instructions.\n
- Capability inventory: Powerful system access via
Bash,Write,Edit,Read, andGrep.\n - Sanitization: No input validation or sanitization mechanisms are defined in the skill documentation.
Audit Metadata