tinybird-cli-guidelines
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides an extensive list of Tinybird CLI (tb) commands for workspace management, project synchronization, and data manipulation.
- [EXTERNAL_DOWNLOADS]: Documents how to use the tb datasource append --url command to fetch data from remote locations and the tb update command to download CLI updates from the official source.
- [DATA_EXFILTRATION]: The tb datasource append --url command presents a potential path for data exfiltration if the agent is manipulated into sending sensitive project data to an external endpoint controlled by an attacker.
- [CREDENTIALS_UNSAFE]: Includes instructions for managing sensitive authentication tokens and workspace secrets using tb token and tb secret commands.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from local files or remote URLs without explicit validation or boundary markers, creating a surface area for indirect prompt injection where malicious instructions embedded in the data could influence the agent's behavior.
Audit Metadata