relational-database-mcp-cloudbase
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill identifies itself as a tool for CloudBase Relational Database management. All external links point to 'cnb.cool', which is the official code hosting platform for Tencent CloudBase, matching the author context.
- [SAFE]: Instructions focus on legitimate database lifecycle management, including provisioning, querying, and permission handling, with clear safety warnings for destructive actions such as MySQL destruction.
- [PROMPT_INJECTION]: The skill facilitates data ingestion from an external source (the database), creating a surface for indirect prompt injection. However, this is inherent to the skill's purpose and mitigated by instructional boundaries.
- Ingestion points: Results from
querySqlDatabase(SKILL.md). - Boundary markers: Not explicitly specified in the instructions.
- Capability inventory: Arbitrary SQL execution via
manageSqlDatabaseand permission management viamanagePermissions(SKILL.md). - Sanitization: Not present for the data read from the database.
Audit Metadata