schema-validation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): No external dependencies, packages, or remote scripts are downloaded. All validation logic and rules are contained within local Bash scripts and JSON/Markdown templates.
- [COMMAND_EXECUTION] (SAFE): The skill executes local validation scripts and standard Linux utilities (grep, find, sed, awk) to parse SQL files. It optionally attempts to run
psql --dry-runfor syntax verification if the PostgreSQL client is available on the host, which is a legitimate use case for schema validation. - [DATA_EXFILTRATION] (SAFE): No network operations (curl, wget, fetch) were detected. The skill only performs local file read/write operations to generate a validation report.
- [PROMPT_INJECTION] (SAFE): No instructions targeting agent behavior, safety filter bypass, or role-play injections were found in the markdown files or metadata.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded API keys, tokens, or database credentials were found. The skill operates on schema files and does not require active database connections beyond an optional local syntax check.
- [INDIRECT_PROMPT_INJECTION] (LOW): As a static analysis tool, the skill reads user-provided SQL files. While this creates a surface for indirect prompt injection if an attacker embeds instructions in SQL comments that the agent later reads in the generated report, this is a standard risk for development tools and is mitigated by the structured nature of the report output.
Audit Metadata