Skills
skills/zjy365/sealos-skills/sealos-database/Gen Agent Trust Hub

sealos-database

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes command-line tools to interact with the environment and the Sealos platform.
  • Executes scripts/analyze-project-database.mjs to scan the local project for database configurations.
  • Executes sealos-cli for provisioning and managing cloud databases.
  • [EXTERNAL_DOWNLOADS]: The skill dynamically acquires necessary tooling from external repositories.
  • Uses npx -y sealos-cli@latest to download and run the Sealos CLI if it is not present on the host system.
  • [DATA_EXFILTRATION]: The skill interacts with sensitive files containing credentials.
  • Reads and modifies project environment files like .env and .env.local to inject database connection strings.
  • Accesses the user's Sealos configuration at ~/.sealos/auth.json and ~/.sealos/kubeconfig for authentication.
  • [PROMPT_INJECTION]: The project analyzer script parses contents from the working directory, creating a surface for indirect instructions.
  • Ingestion: scripts/analyze-project-database.mjs reads project files to detect database signals.
  • Boundaries: SKILL.md directs the agent to inspect files before editing.
  • Capabilities: The skill can modify .env files and perform database operations via sealos-cli.
  • Sanitization: The analyzer extracts only keys and patterns, avoiding full content exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 03:35 AM
Security Audit — agent-trust-hub — sealos-database