jeecg-onlreport
Warn
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill documentation (SKILL.md) provides a pre-formatted shell command for local database operations that includes hardcoded default credentials (root/root).
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands via the mysql CLI to manually insert menu configuration into a database when working in local environments.
- [DATA_EXFILTRATION]: The core communication script, onlreport_api.py, explicitly disables SSL certificate verification by setting ssl.CERT_NONE. This configuration exposes the sensitive X-Access-Token and other report data to potential interception via Man-in-the-Middle (MITM) attacks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on external data from JeecgBoot API responses to generate configurations and SQL.
  - Ingestion points: Fetches report lists, fields, and SQL results from a user-specified API endpoint in onlreport_api.py.
  - Boundary markers: No boundary markers or clear delimiters are used to wrap data ingested from the API.
  - Capability inventory: The skill can create and edit report configurations, generate menu permissions, and execute SQL validation.
  - Sanitization: No sanitization or validation of data retrieved from the remote API was found before it is processed by the agent.
Audit Metadata