cloudbase-document-database-in-wechat-miniprogram

Pass

Audited by Gen Agent Trust Hub on May 21, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references technical documentation and sibling skills located at cnb.cool, which is the official code hosting infrastructure for the vendor. These references are used for project structure and dependency navigation.
  • [DATA_EXFILTRATION]: No unauthorized data collection or exfiltration patterns were found. The skill documentation focuses on legitimate use of the wx.cloud.database() API within the WeChat Mini Program environment.
  • [PROMPT_INJECTION]: The instructions do not contain any patterns typical of prompt injection, such as attempts to bypass safety filters or override system instructions.
  • [COMMAND_EXECUTION]: There are no shell commands or dynamic execution patterns that would allow for unauthorized code execution. All examples use standard JavaScript SDK calls.
  • [DATA_EXPOSURE]: The skill provides specific guidance on using database security rules (e.g., doc._openid == auth.openid) and warns against manually setting sensitive fields like _openid, which is a security best practice.
Audit Metadata
Risk Level
SAFE
Analyzed
May 21, 2026, 04:30 AM
Security Audit — agent-trust-hub — cloudbase-document-database-in-wechat-miniprogram