supabase-data-handling
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes potentially untrusted data from database tables through PII scanning and data export functions. This creates an indirect prompt injection surface where malicious content stored in the database could influence agent behavior if not properly handled.
- Ingestion points: Data is fetched from various database tables in SKILL.md and references/implementation.md using the Supabase SDK.
- Boundary markers: No specific delimiters or instructions are used to isolate database content from the agent's core instructions or to warn the agent about potential embedded instructions.
- Capability inventory: The skill has access to powerful shell commands (psql, supabase-cli) and file writing capabilities.
- Sanitization: Data is processed via regular expressions and JSON manipulation, but no explicit sanitization or filtering for LLM-specific injection patterns is implemented.
Audit Metadata