state-db
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it retrieves data from an external database for agent processing.
- Ingestion points: Remote data is fetched from the Supabase REST API via SB_URL defined in SKILL.md.
- Boundary markers: Absent; the skill does not specify the use of delimiters or 'ignore' instructions for retrieved content.
- Capability inventory: The agent uses
curl,jq,sed, andtailto execute operations. - Sanitization: Absent; no validation or escaping of the remote JSON payload is defined.
- [COMMAND_EXECUTION]: Employs shell commands including
curlfor network requests andjq,sed, andtailfor processing API responses. - [EXTERNAL_DOWNLOADS]: Communicates with external Supabase endpoints to fetch and update persistent state data.
- [DATA_EXFILTRATION]: Transmits state information and session data to a remote database; the destination is managed via user-defined environment variables.
Audit Metadata