mongodb-schema-design
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill integrates with a MongoDB MCP server to retrieve and process data from database collections, which introduces a surface for indirect prompt injection. Malicious instructions stored in the database could potentially influence agent behavior.
- Ingestion points: Data enters the context via MCP tools including
mcp__mongodb__collection-schema,mcp__mongodb__aggregate, andfindas described inSKILL.md. - Boundary markers: The skill includes an 'Action Policy' section in
SKILL.mdthat explicitly requires user confirmation before performing write or destructive operations. - Capability inventory: The skill can perform database reads, schema analysis, and user-approved updates or deletions (documented in
SKILL.mdand reference files). - Sanitization: There is no mention of explicit sanitization or filtering of database content before it is used in agent prompts.
- [EXTERNAL_DOWNLOADS]: The skill references the official MongoDB MCP Server repository (
github.com/mongodb-js/mongodb-mcp-server) for database verification. This is an integration with a resource provided by the skill's author and a well-known service.
Audit Metadata