db-seed
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool for file discovery and schema scanning within the local project directory using glob and grep commands.
- [EXTERNAL_DOWNLOADS]: The skill references standard utilities such as npx, tsx, and wrangler, which are well-known services for executing Node.js scripts and Cloudflare D1 migrations.
- [SAFE]: Sample email generation instructions correctly use the example.com domain (RFC 2606), which is reserved for documentation to prevent accidental outreach to real users.
- [SAFE]: The skill does not exhibit any patterns of obfuscation, credential harvesting, or unauthorized data exfiltration.
- [SAFE]: Regarding potential indirect prompt injection (Category 8): 1. Ingestion points: Reads schema and migration files as described in workflow (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Bash, Write, Edit, Glob, Grep (SKILL.md). 4. Sanitization: Absent. The risk is assessed as safe given the local development context.
Audit Metadata