using-timeseries-databases
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- CREDENTIALS_UNSAFE (LOW): Hardcoded database credentials (
password="password"andadminpassword) are present inexamples/metrics-dashboard-backend/api.pyand the setup documentation inREADME.md. While common for local development examples, these represent a security risk if used in production environments. - PROMPT_INJECTION (MEDIUM): The skill establishes an ingestion pipeline for untrusted external data that lacks sanitization, creating a surface for Indirect Prompt Injection.
- Ingestion points: The MQTT subscriber in
examples/iot-data-pipeline/main.goreads raw JSON payloads from thesensors/#topic. - Boundary markers: No delimiters or "ignore embedded instructions" warnings are used when processing or storing the sensor data.
- Capability inventory: An agent utilizing this skill to monitor metrics might have downstream capabilities (e.g., triggering alerts, modifying system state, or summarizing logs). Attackers publishing to the MQTT broker could inject instructions into fields like
locationorsensor_idto influence the agent's behavior. - Sanitization: The Go pipeline and FastAPI backend perform standard JSON unmarshaling but do not sanitize string values against potential injection payloads.
- DATA_EXPOSURE (LOW): The FastAPI application in
examples/metrics-dashboard-backend/api.pyis configured with overly permissive CORS settings (allow_origins=["*"]), which could allow unauthorized cross-origin requests in a web environment.
Audit Metadata