ecto-constraint-debug
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a collection of debugging guides and code templates for the Elixir Ecto library.
- [COMMAND_EXECUTION]: Suggests using the grep utility to search for specific strings within local project directories like lib/ and priv/repo/migrations/. This is standard development practice and restricted to local paths.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where the agent processes external logs and code to inform tool calls. 1. Ingestion points: Database error logs and local migration files. 2. Boundary markers: None specified for the data being parsed. 3. Capability inventory: Local file search via grep, and suggested tool-based SQL query and code evaluation capabilities (mcp__tidewave__). 4. Sanitization: The skill does not explicitly instruct the agent to sanitize or escape data extracted from logs before usage.
Audit Metadata