cloudbase-document-database-web-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Documentation Analysis (SAFE): The skill is purely instructional, providing guidance on how to initialize and use the CloudBase Web SDK. No executable scripts are bundled with the skill.
- Data Exposure (SAFE): Code snippets use appropriate placeholders for sensitive information, such as
"your-env-id", preventing the leakage of real credentials. - Dependencies (SAFE): The skill references the standard
@cloudbase/js-sdkpackage. While the author organization (TencentCloudBase) is not on the pre-defined trusted list, the usage is confined to documentation imports and no automated installation or remote execution patterns are present. - Indirect Prompt Injection (LOW): As with any database interface, data retrieved from the database could potentially contain instructions intended to influence an AI agent. This is an inherent risk of data-processing skills and is noted as a surface rather than a direct vulnerability within the skill's code.
Audit Metadata