ln-723-mockdata-migrator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [INDIRECT PROMPT INJECTION] (HIGH): The skill processes untrusted ORM schema files to generate executable C# code. * Ingestion points: Phase 1 (Parse Schema) in SKILL.md reads external files. * Boundary markers: None specified to distinguish schema content from instructions. * Capability inventory: Phase 3 performs file writes for .cs generation, and Phase 4 executes a 'Compile check'. * Sanitization: No evidence of escaping or validation for identifiers extracted in references/drizzle_patterns.md or references/type_mapping.md.
- [COMMAND_EXECUTION] (HIGH): Phase 4 includes a 'Compile check' which likely executes system-level compilers (e.g., dotnet, csc). When combined with code generation from external, untrusted schemas, this presents a significant remote code execution vector if the compiler is not strictly sandboxed.
- [EXTERNAL_DOWNLOADS] (LOW): The diagram.html file references mermaid.min.js from cdn.jsdelivr.net. While standard for visualization, it is an external dependency from a non-whitelisted source.
Recommendations
- AI detected serious security threats
Audit Metadata