Schema
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its core function of generating executable database artifacts from untrusted inputs.
  - Ingestion points: Receives data requirements, architecture context, and API data needs from Builder, Atlas, and Gateway agents as specified in SKILL.md.
  - Boundary markers: The skill lacks explicit boundary markers or instructions to differentiate between user-provided data and system instructions during processing.
  - Capability inventory: Generates database migration scripts, SQL schema definitions, and ORM code (Prisma, TypeORM, Drizzle) that are intended for execution in development or production environments.
  - Sanitization: No explicit sanitization, validation, or escaping of input data is documented before its interpolation into generated code snippets or migration files.
Audit Metadata