aiox-data-engineer
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The activation protocol automatically executes 'node .aiox-core/development/scripts/generate-greeting.js data-engineer' when the skill is loaded. This pattern executes scripts from the local development environment without explicit user confirmation during the initialization phase.
- [REMOTE_CODE_EXECUTION]: The skill relies on external script files and agent definitions located in '.aiox-core/' and '.codex/' that are not part of the skill's source code, creating a dependency on external code that is executed at runtime.
- [PROMPT_INJECTION]: The '*yolo' command allows the user to cycle the agent's permission mode to 'auto' or 'explore'. These modes are designed to bypass human-in-the-loop safety constraints, which could result in the agent performing sensitive or destructive database operations, such as schema modifications or RLS policy updates, without manual approval.
Audit Metadata