db-backup
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard database utilities such as pg_dump, mysqldump, and mongodump, along with the aws CLI, to perform its stated functions. These operations are essential for the primary purpose of database management.
- [DATA_EXFILTRATION]: Facilitates the transfer of database backups to external cloud storage (AWS S3). This data movement is the intended and documented primary function of the skill and uses well-known services.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by using user-supplied database names, hosts, and usernames to generate shell scripts.
  - Ingestion points: User connection parameters defined in SKILL.md.
  - Boundary markers: Not present in the generated script examples.
  - Capability inventory: Shell command execution, network access to cloud storage, and local file system access for logging.
  - Sanitization: The provided Bash templates do not demonstrate explicit input sanitization of the database parameters.
Audit Metadata