motherduck-share-data
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive instructions and SQL templates for MotherDuck's native data sharing functionality. It includes appropriate security-conscious guidance, such as prioritizing the most restrictive access levels and warning against sharing sensitive or PII data using unrestricted links.
- [SAFE]: Assessment for indirect prompt injection confirms that while the skill manages ingestion of external data via shared database URLs, it uses governed platform tools for these operations.
- Ingestion points: Data and metadata entry points include the ATTACH command and queries to MD_INFORMATION_SCHEMA (documented in references/SHARE_PLAYBOOK.md).
- Boundary markers: No explicit boundary markers are provided for query results in the instructions.
- Capability inventory: All database operations are performed via the motherduck-query tool as described in SKILL.md.
- Sanitization: The skill generates SQL templates for the agent to use, focusing on correct syntax rather than runtime input sanitization, which is appropriate for its intended use case.
Audit Metadata