sql-gen

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the npx utility to download and execute the ai-sql package from the public npm registry. This introduces a dependency on external code from a source that is not verified as part of the author's primary infrastructure.
  • [COMMAND_EXECUTION]: The skill's core functionality relies on executing shell commands, specifically using npx to run the ai-sql CLI tool with user-provided arguments.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) by interpolating untrusted natural language input into command-line arguments.
    • Ingestion points: User-supplied descriptions passed as arguments to the ai-sql command (e.g., in SKILL.md).
    • Boundary markers: Absent; input is placed directly within shell quotes without specialized delimiters or instructions to ignore embedded commands.
    • Capability inventory: Shell execution of the ai-sql tool.
    • Sanitization: No sanitization or validation logic is present in the skill instructions to filter or escape the natural language input before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 05:40 PM