duckdb-sql
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from local files, which presents a surface for indirect prompt injection. Malicious instructions embedded within analyzed data files could attempt to influence the agent's logic or behavior.
- Ingestion points: The skill reads external files such as 'data.csv' and 'logs/*.csv' using DuckDB's
sql()method as defined inSKILL.md. - Boundary markers: There are no explicit boundary markers or system instructions provided to ensure the agent distinguishes between raw data and executable instructions.
- Capability inventory: The skill possesses the capability to read any file accessible to the agent and can write data to the filesystem using the
COPY TOSQL command. - Sanitization: No input validation or content filtering is performed on the data queried from external files before it is processed or presented to the agent.
Audit Metadata