Skills
skills/rimthan-lab/rimthan-plugins/api-data-migration/Gen Agent Trust Hub

api-data-migration

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted user data to perform file-system modifications.\n
  • Ingestion points: User-provided arguments in the usage example (e.g., --name, --schema, --domain) enter the agent context via SKILL.md.\n
  • Boundary markers: Absent. There are no instructions or delimiters provided to the agent to prevent the interpretation of instructions that might be embedded within these inputs.\n
  • Capability inventory: The skill allows the use of Write and Edit tools to create and modify database schema files and migration scripts in the packages/db-main/ directory.\n
  • Sanitization: Absent. The instructions do not define any validation or escaping mechanisms for the user-supplied schema strings before they are interpolated into the generated code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 03:11 AM