delta-live-tables
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure & Exfiltration (SAFE): The templates use standard cloud storage mount points (e.g., `/mnt/landing/`, `/mnt/dlt/`) for data processing. No sensitive local file paths (such as `~/.ssh` or `.env`) are accessed, and no credentials are hardcoded. All storage paths are used as configuration parameters.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The configuration file `templates/dlt_pipeline_config.yaml` references standard, versioned Python packages (`pandas==1.5.3`, `great-expectations==0.15.50`) and native Databricks init scripts. These are standard features for cluster customization and do not point to untrusted remote sources.
- Indirect Prompt Injection (LOW): As a data processing skill, it ingests data from external storage. The skill implements robust mitigation via `@dlt.expect` decorators for data quality and schema enforcement through Spark's Auto Loader. No capabilities were identified that would allow ingested data to be executed as logic or instructions.
- Dynamic Execution (SAFE): The skill uses a factory pattern in `templates/bronze_ingestion_template.py` to dynamically define DLT tables. This is a common and safe pattern in the Delta Live Tables framework for code reusability and does not involve the execution of untrusted external strings as code.