database-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides shell scripts (
scripts/analyze-schema.sh,scripts/index-advisor.sh,scripts/migration-plan.sh) designed to be executed by the agent to perform database maintenance and analysis. These scripts are local templates provided within the skill package. - [DATA_EXFILTRATION]: The provided helper scripts accept database credentials, including passwords, as command-line arguments. This method of credential handling poses a risk of data exposure as passwords may be captured in process lists, command history, or agent execution logs.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it is designed to ingest and process data from external sources such as database schemas and slow query logs.
- Ingestion points: Database metadata in
scripts/analyze-schema.shand log files inscripts/index-advisor.sh. - Boundary markers: No specific delimiters or boundary instructions are used to separate external data from agent instructions.
- Capability inventory: The skill allows for command execution (shell scripts) and database interactions.
- Sanitization: There is no evidence of sanitization or input validation performed on the data retrieved from external logs or database schemas within the provided script templates.
Audit Metadata