cloud-sql-mysql-monitor
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages external dependencies by fetching a specific, pinned version of the @toolbox-sdk/server package from the NPM registry. This is consistent with the standard implementation for toolbox-based agent skills.
- [SAFE]: Sensitive data handling is restricted to reading local environment configuration files (.env) to authenticate with Cloud SQL instances, which is a standard operational practice for database tools.
- [SAFE]: Analysis of the skill for indirect prompt injection confirms that while it processes user-influenced data (SQL statements and PromQL queries), this is necessary for its primary purpose of database monitoring and troubleshooting.
  - Ingestion points: Parameters sql_statement and query in get_query_plan.js, get_query_metrics.js, and get_system_metrics.js.
  - Boundary markers: No specific delimiters or ignore instructions are provided in the skill prompt, which is common for focused technical tools.
  - Capability inventory: The skill executes shell commands via spawn to run the toolbox server, which then interacts with the Google Cloud and MySQL APIs.
  - Sanitization: The scripts include basic argument escaping for the Windows platform to prevent simple shell injection attacks.
Audit Metadata