mongodb-natural-language-querying
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as a read-only query generator. All external resources and tool names (
mcp__mongodb__*) are consistent with the provided author (mongodb) and the skill's stated purpose. No obfuscation, persistence, or data exfiltration patterns were detected. - [COMMAND_EXECUTION]: The skill instructs the agent to use various MongoDB MCP tools (
list-databases,list-collections,collection-indexes,collection-schema, andfind) to gather context. These tools are used within the expected scope of query generation. - [PROMPT_INJECTION]: Indirect Prompt Injection Surface Detection:
- Ingestion points: Untrusted data enters the agent context through the
mcp__mongodb__collection-schemaandmcp__mongodb__findtools (specified in SKILL.md). - Boundary markers: Absent. The skill does not provide delimiters or instructions to ignore potential commands embedded within the database samples or schema fields.
- Capability inventory: The agent is granted access to the
mcp__mongodb__*toolset for database interaction. - Sanitization: No validation or sanitization is performed on the data returned from the database before it is interpolated into the agent's reasoning process.
Audit Metadata