mirror
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages authentication using environment variables (
${DB2i_USER},${DB2i_PASS}), which is the recommended practice to avoid hardcoding credentials. - [SAFE]: All SQL tools use parameterized queries (e.g.,
:replication_state_filter,:iasp_filter) to ensure that user-provided input cannot be used for SQL injection attacks. - [SAFE]: The toolset is strictly limited to read-only operations on IBM i system views (
QSYS2.MIRROR_*), with no capabilities provided for system modification or configuration changes. - [SAFE]: The configuration includes
ignore-unauthorized: true, which disables SSL certificate validation for the database connection; while this is a security best practice violation that could allow for intercepting traffic on insecure networks, it is a common configuration for internal enterprise tooling and does not indicate malicious intent.
Audit Metadata