Skills
skills/maneeshanif/cli-todo-app-speckit/database-skill/Gen Agent Trust Hub

database-skill

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Full Analysis
  • Data Exposure & Exfiltration (SAFE): The skill manages a local JSON database file (todo_data.json). No sensitive system files are accessed, and no external network communication is present.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill uses the established tinydb package. There are no remote script downloads or dynamic code execution patterns.
  • Indirect Prompt Injection (LOW): The skill acts as a data persistence layer for untrusted input. While it lacks explicit sanitization, it is limited to document storage without risky processing of the data. Evidence: 1. Ingestion points: insert and update methods in TodoDatabase. 2. Boundary markers: None. 3. Capability inventory: File system write/read via TinyDB. 4. Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 12:23 PM