explore
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns such as obfuscation, unauthorized data exfiltration, or suspicious command execution were detected. The skill uses official MotherDuck service domains and well-known libraries like pg and duckdb.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it is designed to ingest and display database metadata and row content, which could theoretically contain attacker-controlled instructions.
- Ingestion points: Database metadata (tables, columns, comments) and sampled row data retrieved via SQL queries defined in SKILL.md and references/EXPLORATION_PLAYBOOK.md.
- Boundary markers: Absent; the skill does not provide specific instructions to the agent to disregard instructions embedded within the database content.
- Capability inventory: Connectivity to MotherDuck databases for read operations. No general-purpose shell access, file-system modification, or arbitrary network access is requested.
- Sanitization: Absent; the skill processes and displays database content directly as part of its primary exploration function.
Audit Metadata