java-sql-audit
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use standard system commands such as find and grep to locate high-risk files and SQL patterns within the provided project path. These operations are essential for static code auditing and are restricted to the local directory.
- [EXTERNAL_DOWNLOADS]: The skill references the use of an MCP tool to download the CFR decompiler (mcp__java-decompile-mcp__download_cfr_tool) if necessary. This is a legitimate dependency for the stated purpose of analyzing Java bytecode and is managed via the tool environment.
- [PROMPT_INJECTION]: The skill includes specific instructions ('Prohibit Omission Rules') to ensure the agent provides complete results without truncation. These are task-specific constraints for the auditing workflow and do not attempt to bypass system safety boundaries.
Audit Metadata