mongodb

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE)
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill enables direct database manipulation through the mongosh utility. It provides instructions for high-impact destructive operations such as db.dropDatabase() and db.users.drop(), which pose a significant risk if an agent is coerced into executing them maliciously.
  • DATA_EXFILTRATION (HIGH): The inclusion of mongodump and mongoexport commands allows for the creation of complete database backups or structured data exports to the local filesystem. This capability can be abused to move sensitive information to unauthorized locations.
  • INDIRECT_PROMPT_INJECTION (HIGH): The skill facilitates the ingestion of external database content, creating a critical vulnerability surface. Malicious payloads stored within database documents could influence the agent's logic to execute unauthorized tasks.
      1. Ingestion points: db.users.find(), db.users.findOne(), and aggregation pipelines.
      2. Boundary markers: Absent. No instructions are provided to separate data from instructions.
      3. Capability inventory: Shell execution (mongosh), file writing (exports/dumps), and database modification (drop/delete).
      4. Sanitization: None. The agent is instructed to process raw database documents directly.
  • CREDENTIALS_UNSAFE (LOW): The skill provides connection string templates containing 'user:password'. Although these are intended as placeholders, they promote the insecure practice of passing cleartext credentials via command-line arguments, which can be logged and exposed in process lists.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 10:57 AM