mongodb-natural-language-querying
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified. The skill is authored by a trusted vendor and implements standard read-only operations for query assistance using specialized database tools.
- [PROMPT_INJECTION]: The skill processes external data from database collections, creating a surface for potential indirect prompt injection.
- Ingestion points: Database metadata and document samples are retrieved through the mcp__mongodb__collection-schema and mcp__mongodb__find tools.
- Boundary markers: The skill does not define specific delimiters to isolate the ingested data from its instructions.
- Capability inventory: Execution is limited to the mcp__mongodb__* toolset.
- Sanitization: The instructions require the agent to validate all field names against the fetched schema to maintain query integrity.
Audit Metadata