sqlmodel
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation includes standard
pip installcommands forsqlmodeland various database drivers (aiosqlite,asyncpg,aiomysql). These are standard library installations from the official Python Package Index (PyPI). - [COMMAND_EXECUTION] (SAFE): The provided code examples demonstrate standard database operations and FastAPI integration. No unauthorized or dangerous command execution patterns were detected.
- [DATA_EXFILTRATION] (SAFE): Database connection strings use local SQLite paths or generic placeholders. There are no hardcoded secrets or unauthorized data transmission logic.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill facilitates reading data from external databases into the agent's context. While the underlying libraries use parameterized queries to prevent SQL injection, data retrieved from databases should be treated as untrusted if subsequently used in prompt generation.
Audit Metadata