database-testing
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and analyze untrusted database schemas and SQL code snippets.
- Ingestion points: External SQL code and schema definitions provided during testing and evaluation (documented in
evals/database-testing.yamlcasestc001throughtc018). - Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded natural language instructions within the data being analyzed.
- Capability inventory: The skill utilizes sensitive capabilities including raw SQL execution (
db.raw), transaction management, and agent-to-agent task delegation (Task). - Sanitization: No input validation or sanitization logic is specified for the code or data processed by the agent.
Audit Metadata