clickhouse-cloud
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): Analysis of the 16 files reveals no malicious patterns, prompt injection, or data exfiltration attempts. The skill is purely instructional and provides valid management workflows for ClickHouse Cloud.
- [COMMAND_EXECUTION] (INFO): The guides contain multiple bash examples for the
chvCLI. These are necessary for the skill's purpose and do not involve arbitrary or hidden command execution. The instructions explicitly warn users when a command is interactive (e.g.,chv cloud auth). - [DATA_EXPOSURE] (INFO): While the skill involves managing API credentials, it provides safe instructions for their handling. It recommends using a local credentials file created by the CLI rather than environment variables or flags that might leak into logs, and it advises the agent to let the user perform the authentication step themselves.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes specific IDs (service-id, backup-id) provided by the user or fetched from the CLI. It does not ingest untrusted external data (like web content) for decision-making, which keeps the injection surface minimal.
Audit Metadata