motherduck-query
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to generate and execute SQL commands against MotherDuck databases. It includes defensive instructions for handling high-risk operations like
ATTACH,DETACH, andSHUTDOWN, mandating the use of specific write-capable tools (e.g.,query_rw) only upon explicit user confirmation. - [DATA_EXPOSURE]: The skill facilitates data analysis and exploration. While it enables access to database content, it follows best practices for credential management (requiring a prior connection via
motherduck-connect) and does not contain hardcoded secrets or unauthorized data exfiltration patterns. - [INDIRECT_PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes and presents results from external databases.
- Ingestion points: SQL query results returned from MotherDuck databases (referenced in
SKILL.md). - Boundary markers: Absent; the instructions do not specify delimiters for database output.
- Capability inventory: Execution of SQL queries (including read and write capabilities) and analytical transformations.
- Sanitization: Absent; the skill relies on standard agent handling of structured SQL results.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of untrusted scripts or the installation of unverified packages. It explicitly warns against installing extensions at runtime as a common mistake.
Audit Metadata