Skills
skills/terminalskills/skills/ms-access/Gen Agent Trust Hub

ms-access

Fail

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The VBA automation code for linking SQL Server tables contains a hardcoded connection string with literal credentials. Evidence: 'UID=admin;PWD=password;'.
  • [COMMAND_EXECUTION]: The skill provides VBA scripts that perform file system operations using hardcoded absolute file paths on the C: drive, which can lead to unauthorized access or system errors. Evidence: 'C:\Reports\' and 'C:\Data\import.csv'.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by importing and processing data from external CSV files without proper sanitization. Ingestion points: 'C:\Data\import.csv' in SKILL.md. Boundary markers: Absent. Capability inventory: 'CurrentDb.Execute' and 'DoCmd.OutputTo'. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 14, 2026, 11:50 AM