grdb
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No override markers, role-play injections, or system prompt extraction attempts were found. The instructions are purely technical and aimed at guiding the agent's code generation for database operations.
- DATA_EXPOSURE & EXFILTRATION (SAFE): The skill uses standard iOS/macOS file system paths for database storage (Documents directory). No hardcoded credentials, sensitive system paths (like SSH keys), or suspicious network operations were detected.
- REMOTE_CODE_EXECUTION (SAFE): There are no patterns of piping remote scripts to shells (curl|bash). The skill references the legitimate open-source repository
https://github.com/groue/GRDB.swiftfor installation via Swift Package Manager. - INDIRECT PROMPT INJECTION (SAFE): While the skill enables the agent to execute SQL queries, the provided documentation explicitly encourages the use of parameterized queries and type-safe interfaces, which are industry-standard defenses against SQL injection.
- DYNAMIC EXECUTION (SAFE): The skill focuses on static code patterns and standard library usage. No unsafe deserialization (pickle) or runtime code generation from untrusted sources was found.
Audit Metadata