drizzle
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions were found that attempt to override system prompts, bypass safety filters, or jailbreak the agent. The skill instructions are limited to navigation and search within the documentation.
- [DATA_EXFILTRATION] (SAFE): No access to sensitive system paths (e.g., ~/.ssh, ~/.aws) or unauthorized network requests were detected. The source URL provided is for documentation attribution.
- [COMMAND_EXECUTION] (SAFE): The skill specifies 'Read', 'Glob', and 'Grep' as allowed tools. These are restricted to local documentation files. No arbitrary shell execution or dangerous subprocess patterns were found.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill does not automate any runtime downloads or remote script execution. It references a static documentation source.
- [REMOTE_CODE_EXECUTION] (SAFE): No patterns of remote code execution or dynamic execution of untrusted code were identified.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface: The skill ingests untrusted documentation content from the 'docs/' directory via 'Read', 'Glob', and 'Grep'. While it lacks explicit boundary markers or sanitization for this content, the risk is assessed as LOW because the capabilities are read-only and the data source (orm.drizzle.team) is established and reputable.
Audit Metadata