mcp-developer-analysis
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a legitimate diagnostic extension from the official vendor. It implements a read-only workflow for investigating database performance and resource utilization without accessing user data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes metadata from system catalog tables which could be influenced by database users. Ingestion points: SQL query results from the query_system_catalog tool. Boundary markers: No specific delimiting instructions are provided for data ingested from the catalog. Capability inventory: Access to the query_system_catalog tool, constrained to read-only system catalog queries. Sanitization: No explicit sanitization of database-sourced strings is performed.
Audit Metadata