sql-optimizer
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external SQL queries and EXPLAIN plans as untrusted input (
SKILL.md). It does not incorporate boundary markers or clear instructions to treat the provided query text as non-executable data, creating a potential surface for indirect prompt injection if an attacker embeds agent instructions within SQL comments or strings. - Ingestion points: User-supplied SQL queries and EXPLAIN plan outputs.
- Boundary markers: None identified in the workflow or output templates.
- Capability inventory: No tools are explicitly requested in the skill manifest, which significantly limits the potential impact of an injection.
- Sanitization: There are no instructions for sanitizing or escaping the input queries before they are processed by the agent.
Audit Metadata