relational-database-mcp-cloudbase

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill identifies itself as a tool for CloudBase Relational Database management. All external links point to 'cnb.cool', which is the official code hosting platform for Tencent CloudBase, matching the author context.
  • [SAFE]: Instructions focus on legitimate database lifecycle management, including provisioning, querying, and permission handling, with clear safety warnings for destructive actions such as MySQL destruction.
  • [PROMPT_INJECTION]: The skill facilitates data ingestion from an external source (the database), creating a surface for indirect prompt injection. However, this is inherent to the skill's purpose and mitigated by instructional boundaries.
      • Ingestion points: Results from querySqlDatabase (SKILL.md).
      • Boundary markers: Not explicitly specified in the instructions.
      • Capability inventory: Arbitrary SQL execution via manageSqlDatabase and permission management via managePermissions (SKILL.md).
      • Sanitization: Not present for the data read from the database.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 05:08 PM