logseq-schema
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and reference materials in 'SKILL.md' and the 'references/' directory. No executable scripts, binaries, or active code are included.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it involves processing user-controlled data from external Logseq databases.
- Ingestion points: Data retrieved from database attributes such as ':block/title', ':block/name', and ':block/content' via the 'logseq query' and 'logseq show' commands as described in 'references/logseq-datascript-query-examples.md'.
- Boundary markers: Absent; the instructions do not provide delimiters or specific warnings to the agent to disregard instructions embedded within the database content.
- Capability inventory: The skill references the 'logseq' CLI for graph creation and data retrieval in 'references/logseq-datascript-schema.md'.
- Sanitization: Absent; no procedures for validating, filtering, or escaping the retrieved database values are defined before the content is used in agent responses.
Audit Metadata