mongodb-atlas
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): Hardcoded credentials found in connection string examples and Docker management commands. Evidence: 'rootpassword' used in 'mongodb://' URI and 'docker exec' command in SKILL.md.
- [COMMAND_EXECUTION] (LOW): The skill is authorized to use the Bash tool for database administration.
- [PROMPT_INJECTION] (LOW): Indirect prompt injection surface (Category 8). 1. Ingestion points: Database query results and schemas via Bash and WebFetch. 2. Boundary markers: Absent. 3. Capability inventory: Bash, Write, Edit, WebFetch. 4. Sanitization: Absent.
Recommendations
- AI detected serious security threats
Audit Metadata