managing-database-schemas
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard shell commands (`cat`, `ls`, `grep`, `find`) to detect ORM configurations and read schema definitions from the local filesystem.
- [EXTERNAL_DOWNLOADS]: The skill utilizes `npx` to execute commands from established database management ecosystems, specifically Prisma, Drizzle-kit, and TypeORM. These are well-known technology tools and their usage is consistent with the skill's primary purpose.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by processing external source code files during schema analysis.
  - Ingestion points: Reads files such as `prisma/schema.prisma`, `src/db/schema.ts`, and entity files found in `src/**/*.ts`.
  - Boundary markers: None; the content is processed directly for structural analysis.
  - Capability inventory: File system access via shell utilities and execution of ORM CLI tools via `npx`.
  - Sanitization: None; the skill relies on the agent's interpretation of the schema data.
Audit Metadata