signals
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to ingest and process natural language content from the
document_embeddingstable.\n - Ingestion points: Data is fetched from the
contentandmetadatacolumns of thedocument_embeddingstable via theposthog:execute-sqltool.\n - Boundary markers: The instructions do not include specific delimiters or warnings to disregard instructions embedded within the fetched signal data.\n
- Capability inventory: The agent utilizes the
posthog:execute-sqltool and processes the natural language output.\n - Sanitization: There is no mention of sanitizing or validating the content retrieved from the database before processing.\n- [COMMAND_EXECUTION]: The skill provides SQL query templates for use with the
posthog:execute-sqltool to interact with the database environment.
Audit Metadata