flyway-consolidate
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard tools such as
Glob,Read, andGrepto discover and analyze local SQL migration files within the project's directory structure. These operations are limited to the project's migration path (e.g.,**/db/migration/) and are consistent with its stated purpose of schema analysis. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from external SQL files.
- Ingestion points: SQL migration files matching
**/V*__*.sqlor**/R*__*.sqlare read into the agent's context. - Boundary markers: The instructions do not define specific delimiters or escaping mechanisms to prevent instructions embedded in SQL comments from being interpreted by the agent.
- Capability inventory: The skill uses file discovery and reading tools but lacks dangerous capabilities like network access or shell execution of the parsed content.
- Sanitization: There is no explicit sanitization or validation of the SQL content to filter out non-SQL instructions.
- Mitigation: While this presents an attack surface, the risk is limited as the skill's primary output is generated SQL text for human review, rather than direct execution of commands.
Audit Metadata