observable-framework-sql
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The content is technical documentation for the Observable Framework, provided by a trusted organization. It describes standard features for data analysis and visualization without any malicious patterns or hidden code.
- [EXTERNAL_DOWNLOADS]: The documentation describes how to register tables from external URLs, such as USGS earthquake data. This is presented as a legitimate feature for remote data access, and the skill correctly recommends using local files for performance and reliability.
- [PROMPT_INJECTION]: The skill documents the ability to interpolate JavaScript expressions into SQL queries using template literals. Importantly, it includes a prominent warning for developers about the risks of SQL injection and the need to sanitize user input, demonstrating security awareness in its instructions.
Audit Metadata