delta-sharing
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [Indirect Prompt Injection] (LOW): SQL Injection vulnerability detected in `templates/usage_monitoring.py` due to unsafe string interpolation.
  1. Ingestion points: `share_name` and `days` parameters in the `get_share_usage` method.
  2. Boundary markers: None present; user-provided strings are directly wrapped in single quotes within the SQL query.
  3. Capability inventory: The function generates SQL strings intended for execution against Databricks system tables (`system.access.table_lineage`).
  4. Sanitization: None; the code uses f-string interpolation instead of parameterized queries.
- [Data Exposure & Exfiltration] (LOW): Exposure of sensitive activation credentials. Evidence: `examples/external_data_sharing.py` prints `recipient.activation_url` to the console. This URL provides direct access to download the Delta Sharing credential file (bearer token), which should be handled as a secret to prevent unauthorized data access.
Audit Metadata