text-to-sql
Fail
Audited by Snyk on Mar 3, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.70). The prompt includes an explicit "Memory Protocol (MANDATORY)" that instructs the agent to read and write persistent .claude/context memory files — an out-of-scope, state-changing directive for a text-to-SQL skill that could be used to persist or leak information, so it constitutes a deceptive/out-of-scope instruction.
Audit Metadata