snowflake
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto perform network requests andjqto process JSON data, which are standard system tools. - [EXTERNAL_DOWNLOADS]: The skill communicates with
snowflakecomputing.com, which is a well-known and legitimate service provider for data warehousing. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from SQL query results.
- Ingestion points: Data from the Snowflake SQL API is processed using
jqwithin theSKILL.mdfile. - Boundary markers: No boundary markers or delimiters are present to isolate the database data from agent instructions.
- Capability inventory: The skill has access to network operations via
curland data manipulation viajq. - Sanitization: No sanitization or validation is performed on the data retrieved from the database queries.
Audit Metadata