NYC

sql-research

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is highly susceptible to indirect prompt injection because it instructs the agent to retrieve untrusted data from the web and use it to perform write/execute-level operations.
  • Ingestion points: External content retrieved via WebSearch for various SQL dialects and functions (defined in SKILL.md research workflow).
  • Boundary markers: Absent; the instructions do not provide delimiters or warnings for the agent to ignore potentially malicious instructions embedded in the documentation it finds.
  • Capability inventory: The agent is instructed to create/modify files (research/*.md) and, more critically, to 'Implement SQL translations' and 'Write SQL-generating code'.
  • Sanitization: Absent; there are no verification or sanitization steps to ensure the retrieved SQL syntax or examples are safe before implementation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:04 PM