lancedb
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the
lancedbPython package. The package is legitimate, but the skill author ('poletron') is not a verified or trusted source. - [METADATA_POISONING] (MEDIUM): The skill requests
scope: [root], which suggests it may seek broad permissions over the host system, potentially exceeding what is necessary for managing a local vector database. - [INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill provides an ingestion surface for untrusted data without providing sanitization or boundary markers.
- Ingestion points: Data is ingested via
db.create_tableand query filters are applied via the.where()clause. - Boundary markers: Absent; the templates show direct string interpolation in filters.
- Capability inventory: The patterns involve local filesystem write operations via
lancedb.connect()andcreate_table(). - Sanitization: None provided; the skill lacks guidance on escaping or validating user-provided strings before inclusion in queries.
- [NO_CODE] (SAFE): The skill package itself contains no executable scripts or binary files, consisting solely of markdown instructions and code templates.
Audit Metadata