sql-query-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill content is purely instructional, focusing on database performance, and contains no instructions to override agent behavior or bypass safety filters.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected. The scripts interact with local database instances as intended for performance analysis.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill uses the standard `@prisma/client` library and built-in Node.js modules like `perf_hooks`. No remote code execution or suspicious downloads are present.
- [Indirect Prompt Injection] (SAFE): The skill processes SQL queries which are potentially untrusted inputs. Ingestion points: SQL query strings provided to benchmarking scripts in `SKILL.md`. Boundary markers: None present in the code snippets. Capability inventory: Database execution via `prisma.$queryRaw` and `prisma.$executeRaw` in `SKILL.md`. Sanitization: The skill correctly demonstrates the use of Prisma's tagged template literals for raw queries, which provides built-in parameterization and protection against SQL injection.
Audit Metadata