clickhouse-io
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: A TypeScript code snippet demonstrating bulk data insertion is vulnerable to SQL injection.
  - Ingestion points: The `trades` array in the `bulkInsertTrades` function (SKILL.md) accepts external data.
  - Boundary markers: None present in the code template to prevent data from being interpreted as instructions.
  - Capability inventory: The code uses `clickhouse.query` to execute SQL commands directly against the database.
  - Sanitization: Missing. The implementation uses string template literals (e.g., `'${trade.id}'`), which allows an attacker to break out of the string literal and execute arbitrary SQL commands.
- [DATA_EXPOSURE]: The code snippets reference environment variables for sensitive credentials (`CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `DATABASE_URL`). While using environment variables is a standard practice, users should be reminded to ensure these variables are managed securely in their execution environment.
Audit Metadata