schema-drift-detector
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as
git diffto inspect changes,git checkoutto restore files, andbin/rails db:migrateto reconcile the schema. These are standard operations for managing a Ruby on Rails database environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from Pull Request diffs. * Ingestion points: The names of migration files in
db/migrate/and the content of thedb/schema.rbdiff are retrieved viagit diff. * Boundary markers: No explicit delimiters or boundary markers are used to isolate the untrusted diff content from the agent's instructions. * Capability inventory: The agent has the ability to read project files and execute local shell commands. * Sanitization: The skill does not perform any validation or sanitization of the input data from the PR before analysis.
Audit Metadata