diagnosing-failed-warehouse-syncs
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill incorporates tools with the capacity to modify the state of data warehouse integrations, including destructive actions like
external-data-schemas-resync(which wipes synced data) andexternal-data-schemas-delete-data. These operations are guarded by explicit instructions in Step 5 to obtain human confirmation before execution. - [DATA_EXPOSURE]: The workflow facilitates the management of sensitive authentication data, such as API keys and SSH configuration, via the
external-data-sources-partial-updatetool. This is the intended primary purpose of the skill (credential rotation and recovery) and aligns with standard administrative practices for the vendor (PostHog). - [PROMPT_INJECTION]: The skill analyzes
latest_errorstrings retrieved from external data sources to classify failures. This constitutes an indirect prompt injection surface as error messages from external services could theoretically contain adversarial content. - Ingestion points: Error strings from
external-data-sources-retrieveandexternal-data-schemas-list. - Boundary markers: None present for the processing of external error strings.
- Capability inventory: The skill has access to tools for credential updates and destructive data operations across the data warehouse environment.
- Sanitization: No explicit sanitization or escaping is performed; the skill relies on substring matching to identify known error patterns.
Audit Metadata