text-to-sql
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests natural language input to generate executable SQL code, creating a surface for indirect prompt injection. This is mitigated by 'Iron Laws' that require parameterized queries and validation of all identifiers against a provided schema.
- [EXTERNAL_DOWNLOADS]: The documentation suggests the use of 'promptfoo' for evaluation. Promptfoo is a widely recognized and trusted open-source tool for testing LLM outputs.
- [SAFE]: The skill incorporates safety best practices such as mandatory row limits on SELECT queries and explicit confirmation requirements for DELETE or DROP statements.