Skills
skills/serenorg/seren-skills/seren-db/Gen Agent Trust Hub

seren-db

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use curl commands to interact with the SerenDB API for managing projects, branches, databases, and roles.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations targeting api.serendb.com to fetch configuration, metadata, and database query results.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted data from a database and API responses that could contain malicious instructions.
  • Ingestion points: Data ingested through API responses and SQL query results from api.serendb.com (SKILL.md).
  • Boundary markers: Absent. The instructions do not specify any delimiters or warnings to ignore instructions embedded in the processed data.
  • Capability inventory: Network operations via curl and database management/querying capabilities (SKILL.md).
  • Sanitization: Absent. There is no mention of sanitizing or validating the content retrieved from the database before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 02:44 AM