paradedb-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): README.md recommends installation via curl and npx from a repository outside the predefined trusted list.
- [PROMPT_INJECTION] (LOW): SKILL.md instructs the agent to fetch documentation from docs.paradedb.com, establishing an indirect prompt injection surface. 1. Ingestion points: docs.paradedb.com URL in SKILL.md. 2. Boundary markers: Absent; no delimiters are defined for the fetched text. 3. Capability inventory: Host agent capabilities (e.g., fetch, file operations). 4. Sanitization: Absent; no instructions for validating the external source.
Audit Metadata